id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	launchpad_bug
2401	"authentication via proxy breaks ""tahoe backup"""	lpirl		"Assume we have a grid with a star-like topology (maybe because you can't get all but one nodes out of their NAT).

As a result, we have one node that can be connected to and all other nodes are (indirectly) reachable through that node.

That node offers the Web API as well as the WUI.

We want to authenticate users that access the WUI as well as the Web API if they do not have a valid CAP already.

Via a Web proxy, we therefore globally add SSL and add Basic Authentication for all locations except `/uri/.+`.

From my understanding/observations, `tahoe backup` `PUT`s all files to `/` and add them to the directory afterwards.

Due to the Basic Authentication, it dies.

I'd find it desirable to be able to add authentication ''and'' to be able to use `tahoe backup`. This could possibly be achieved by adding Basic Authentication compatibility to the Tahoe client or to let `tahoe backup` `PUT` to an URL containing a CAP."	defect	new	normal	soon	code-frontend-web	1.10.0		authentication wui webapi http websec	tahoe-lafs.org@…