Make sure the contents of the WWW-Authenticate header is

passed on a 4xx error by proxy. Previously all headers
were dropped, resulting in the browser being unable to
authenticate.
PR:
Obtained from:
Submitted by:	Dr Richard Reiner <rreiner@fscinternet.com>, Richard Danielli <rdanielli@fscinternet.com>, Graham Wiseman <gwiseman@fscinternet.com>, David Henderson <dhenderson@fscinternet.com>
Reviewed by:	Graham Leggett


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96982 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 12 insertions, 0 deletions

diff --git a/modules/proxy/proxy_http.c b/modules/proxy/proxy_http.c
index aa1e08dd7a..05881edfa1 100644
--- a/modules/proxy/proxy_http.c
+++ b/modules/proxy/proxy_http.c
@@ -860,6 +860,17 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
             }
         }
 
+      if ((r->status == 401) && (conf->error_override != 0)) {
+          const char *buf;
+          const char *wa = "WWW-Authenticate";
+          if (buf = apr_table_get(r->headers_out, wa)) {
+              apr_table_set(r->err_headers_out, wa, buf);
+          } else {
+              ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+                           "proxy: origin server sent 401 without w-a header");
+          }
+      }
+
         r->sent_bodyct = 1;
         /* Is it an HTTP/0.9 response? If so, send the extra data */
         if (backasswards) {
@@ -966,6 +977,7 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r,
              */
             int status = r->status;
             r->status = HTTP_OK;
+          ap_discard_request_body(rp);
             return status;
         }
     } else