I have an Apache 2.2 reverse ajp proxy sitting in front of a standalone jira installation, for internal users to hit. This works fine.

The same reverse ajp proxy settings on an internet facing host works as well, provided we do not try to add AuthType Basic as an additional hoop to jump through.

With AuthType Basic enabled, the internet facing apache, we get a 401 from Tomcat after entering in the user/pass at the apache level.

Any ideas? Do I need to add the basic auth user to tomcat somehow?

[snip]

<Proxy *>
Order deny,allow
Deny from all
AuthType Basic
AuthName "Jira is a restricted area."
AuthUserFile /etc/httpd/conf/vhosts/jira_htpassword
require valid-user
satisfy any
</Proxy>

ProxyRequests Off
ProxyPreserveHost On

ProxyPass / ajp://jirahostip:8009/
ProxyPassReverse / ajp://jirahostip:8009/

[snip]