Howto use CouchDB behind Apache reverse proxy?

Question

I just installed CouchDB from source on my Debian with apache 2.4.10.

$ curl http://localhost:5984/                                                                                                    
{"couchdb":"Welcome","uuid":"76929f1fc6f1e2c01edcd5b712fff044","version":"1.6.1","vendor":{"version":"1.6.1","name":"The Apache Software Fou
ndation"}}

I want to use it through https Apache Reverse Proxy :

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost

    DocumentRoot /var/www
    <Directory /> 
        Options FollowSymLinks
        AllowOverride All
        SSLRequireSSL

    </Directory>

    #For using my owncloud and wiki without HTTP AUTH, and all the rest
    #with HTTP AUTH
    <LocationMatch "^/(?!owncloud|wiki)">
        AuthType Basic
        AuthName "Acces Restreint"
        AuthBasicProvider file
        AuthUserFile /home/...myfile
        Require valid-user      
        AllowOverride All
    </LocationMatch>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    #Here I try to configure my reverse proxy for accessing CouchDB through https://example.com/couchdb/
    <Location /couchdb>
        ProxyPass http://localhost:5984/ ttl=60
        ProxyPassReverse http://localhost:5984/
        ProxyPassReverseCookieDomain localhost example.com
        RequestHeader set Origin "http://localhost:5984"
        AllowOverride all

        AuthType Basic
        AuthName "Acces Restreint"
        AuthUserFile /home/...myfile
        Require valid-user      
    </Location>

    SSLProxyEngine On
    SSLEngine on
    SSLCertificateFile /..../file.pem




    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>


    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>
</IfModule>

But when I try to connect through the internet to : https://example.com/couchdb

I get the following result :

{"error":"unauthorized","reason":"Name or password is incorrect."}

So it seems that couchdb is responding, but why does it require an authorization while it didn't using :

$curl http://localhost:5984/    

Any clue ?

Answer 1

Found it ! I had to unset the Authorization header :

I also had to change http://localhost:5984/ for http://localhost:5984

    <Location /couchdb> 
            ProxyPass http://localhost:5984 ttl=60
            ProxyPassReverse http://localhost:5984
            ProxyPassReverseCookieDomain localhost example.com
            RequestHeader set Origin "http://localhost:5984" 
            RequestHeader unset Authorization
            AllowOverride all 

            AuthType Basic 
            AuthName "Acces Restreint" 
            AuthUserFile /...
            Require valid-user 
    </Location>