Hi all!
I have an application (LibreNMS) that I am unable to change. It is currently running under apache. It runs under fast CGI which I have managed to set up. Unfortunately, I still get a 403 error when trying to access the application. The only part of the apache config that I have not yet managed to add to OpenLiteSpeed is:
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
It appears to me that this basically sets an environment variable with the contents of the authorization header. Maybe it's not required but I can't seem to find any other reason that I would get a 403 but I am happy to explore other possibilities. For completeness, here is the full apache virtual host. Our working site is here and the OpenLiteSpeed test is here.
I am really enjoying OpenLiteSpeed so far so I hope that I can get this working so that I can switch off apache. Let me know if there is any more information that I can provide. I have searched quite a bit for this but not quite found the answer. I know that setting ENV variables is supported but it doesn't seem to allow setting it from a header like in this case. Some other posts have also suggested that it might be possible to use the rewrite engine but I don't think it can set ENV variables.
I have an application (LibreNMS) that I am unable to change. It is currently running under apache. It runs under fast CGI which I have managed to set up. Unfortunately, I still get a 403 error when trying to access the application. The only part of the apache config that I have not yet managed to add to OpenLiteSpeed is:
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
It appears to me that this basically sets an environment variable with the contents of the authorization header. Maybe it's not required but I can't seem to find any other reason that I would get a 403 but I am happy to explore other possibilities. For completeness, here is the full apache virtual host. Our working site is here and the OpenLiteSpeed test is here.
Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /opt/librenms/html/
ServerName librenms.example.com
AllowEncodedSlashes NoDecode
<Directory "/opt/librenms/html/">
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
</Directory>
<IfModule setenvif_module>
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
<FilesMatch ".+\.php$">
SetHandler "proxy:unix:/run/php-fpm-librenms.sock|fcgi://localhost"
</FilesMatch>
SSLCertificateFile /etc/letsencrypt/live/librenms.evix.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/librenms.evix.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>