85cb4d
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
85cb4d
index d13c249..f383996 100644
85cb4d
--- a/modules/proxy/mod_proxy.c
85cb4d
+++ b/modules/proxy/mod_proxy.c
85cb4d
@@ -1200,11 +1200,20 @@ static int proxy_handler(request_rec *r)
85cb4d
                     /* handle the scheme */
85cb4d
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01142)
85cb4d
                                   "Trying to run scheme_handler against proxy");
85cb4d
+
85cb4d
+                    if (ents[i].creds) {
85cb4d
+                        apr_table_set(r->notes, "proxy-basic-creds", ents[i].creds);
85cb4d
+                        ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
85cb4d
+                                      "Using proxy auth creds %s", ents[i].creds);
85cb4d
+                    }
85cb4d
+
85cb4d
                     access_status = proxy_run_scheme_handler(r, worker,
85cb4d
                                                              conf, url,
85cb4d
                                                              ents[i].hostname,
85cb4d
                                                              ents[i].port);
85cb4d
 
85cb4d
+                    if (ents[i].creds) apr_table_unset(r->notes, "proxy-basic-creds");
85cb4d
+
85cb4d
                     /* Did the scheme handler process the request? */
85cb4d
                     if (access_status != DECLINED) {
85cb4d
                         const char *cl_a;
85cb4d
@@ -1621,8 +1630,8 @@ static void *merge_proxy_dir_config(apr_pool_t *p, void *basev, void *addv)
85cb4d
     return new;
85cb4d
 }
85cb4d
 
85cb4d
-static const char *
85cb4d
-    add_proxy(cmd_parms *cmd, void *dummy, const char *f1, const char *r1, int regex)
85cb4d
+static const char *add_proxy(cmd_parms *cmd, void *dummy, const char *f1,
85cb4d
+                             const char *r1, const char *creds, int regex)
85cb4d
 {
85cb4d
     server_rec *s = cmd->server;
85cb4d
     proxy_server_conf *conf =
85cb4d
@@ -1680,19 +1689,24 @@ static const char *
85cb4d
     new->port = port;
85cb4d
     new->regexp = reg;
85cb4d
     new->use_regex = regex;
85cb4d
+    if (creds) {
85cb4d
+        new->creds = apr_pstrcat(cmd->pool, "Basic ",
85cb4d
+                                 ap_pbase64encode(cmd->pool, (char *)creds),
85cb4d
+                                 NULL);
85cb4d
+    }
85cb4d
     return NULL;
85cb4d
 }
85cb4d
 
85cb4d
-static const char *
85cb4d
-    add_proxy_noregex(cmd_parms *cmd, void *dummy, const char *f1, const char *r1)
85cb4d
+static const char *add_proxy_noregex(cmd_parms *cmd, void *dummy, const char *f1,
85cb4d
+                                     const char *r1, const char *creds)
85cb4d
 {
85cb4d
-    return add_proxy(cmd, dummy, f1, r1, 0);
85cb4d
+    return add_proxy(cmd, dummy, f1, r1, creds, 0);
85cb4d
 }
85cb4d
 
85cb4d
-static const char *
85cb4d
-    add_proxy_regex(cmd_parms *cmd, void *dummy, const char *f1, const char *r1)
85cb4d
+static const char *add_proxy_regex(cmd_parms *cmd, void *dummy, const char *f1,
85cb4d
+                                   const char *r1, const char *creds)
85cb4d
 {
85cb4d
-    return add_proxy(cmd, dummy, f1, r1, 1);
85cb4d
+    return add_proxy(cmd, dummy, f1, r1, creds, 1);
85cb4d
 }
85cb4d
 
85cb4d
 PROXY_DECLARE(const char *) ap_proxy_de_socketfy(apr_pool_t *p, const char *url)
85cb4d
@@ -2638,9 +2652,9 @@ static const command_rec proxy_cmds[] =
85cb4d
     "location, in regular expression syntax"),
85cb4d
     AP_INIT_FLAG("ProxyRequests", set_proxy_req, NULL, RSRC_CONF,
85cb4d
      "on if the true proxy requests should be accepted"),
85cb4d
-    AP_INIT_TAKE2("ProxyRemote", add_proxy_noregex, NULL, RSRC_CONF,
85cb4d
+    AP_INIT_TAKE23("ProxyRemote", add_proxy_noregex, NULL, RSRC_CONF,
85cb4d
      "a scheme, partial URL or '*' and a proxy server"),
85cb4d
-    AP_INIT_TAKE2("ProxyRemoteMatch", add_proxy_regex, NULL, RSRC_CONF,
85cb4d
+    AP_INIT_TAKE23("ProxyRemoteMatch", add_proxy_regex, NULL, RSRC_CONF,
85cb4d
      "a regex pattern and a proxy server"),
85cb4d
     AP_INIT_FLAG("ProxyPassInterpolateEnv", ap_set_flag_slot_char,
85cb4d
         (void*)APR_OFFSETOF(proxy_dir_conf, interpolate_env),
85cb4d
diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
85cb4d
index 288c5d4..57cc92f 100644
85cb4d
--- a/modules/proxy/mod_proxy.h
85cb4d
+++ b/modules/proxy/mod_proxy.h
85cb4d
@@ -116,6 +116,7 @@ struct proxy_remote {
85cb4d
     const char *protocol;   /* the scheme used to talk to this proxy */
85cb4d
     const char *hostname;   /* the hostname of this proxy */
85cb4d
     ap_regex_t *regexp;     /* compiled regex (if any) for the remote */
85cb4d
+    const char *creds;      /* auth credentials (if any) for the proxy */
85cb4d
     int use_regex;          /* simple boolean. True if we have a regex pattern */
85cb4d
     apr_port_t  port;       /* the port for this proxy */
85cb4d
 };
85cb4d
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
85cb4d
index 0759dac..2bfc8f0 100644
85cb4d
--- a/modules/proxy/proxy_util.c
85cb4d
+++ b/modules/proxy/proxy_util.c
85cb4d
@@ -2446,11 +2446,14 @@ ap_proxy_determine_connection(apr_pool_t *p, request_rec *r,
85cb4d
                      * So let's make it configurable by env.
85cb4d
                      * The logic here is the same used in mod_proxy_http.
85cb4d
                      */
85cb4d
-                    proxy_auth = apr_table_get(r->headers_in, "Proxy-Authorization");
85cb4d
+                    proxy_auth = apr_table_get(r->notes, "proxy-basic-creds");
85cb4d
+                    if (proxy_auth == NULL)
85cb4d
+                        proxy_auth = apr_table_get(r->headers_in, "Proxy-Authorization");
85cb4d
+
85cb4d
                     if (proxy_auth != NULL &&
85cb4d
                         proxy_auth[0] != '\0' &&
85cb4d
-                        r->user == NULL && /* we haven't yet authenticated */
85cb4d
-                        apr_table_get(r->subprocess_env, "Proxy-Chain-Auth")) {
85cb4d
+                        (r->user == NULL  /* we haven't yet authenticated */
85cb4d
+                         || apr_table_get(r->subprocess_env, "Proxy-Chain-Auth"))) {
85cb4d
                         forward->proxy_auth = apr_pstrdup(conn->pool, proxy_auth);
85cb4d
                     }
85cb4d
                 }
85cb4d
@@ -2672,7 +2675,8 @@ static apr_status_t send_http_connect(proxy_conn_rec *backend,
85cb4d
     nbytes = apr_snprintf(buffer, sizeof(buffer),
85cb4d
                           "CONNECT %s:%d HTTP/1.0" CRLF,
85cb4d
                           forward->target_host, forward->target_port);
85cb4d
-    /* Add proxy authorization from the initial request if necessary */
85cb4d
+    /* Add proxy authorization from the configuration, or initial
85cb4d
+     * request if necessary */
85cb4d
     if (forward->proxy_auth != NULL) {
85cb4d
         nbytes += apr_snprintf(buffer + nbytes, sizeof(buffer) - nbytes,
85cb4d
                                "Proxy-Authorization: %s" CRLF,
85cb4d
@@ -3567,6 +3571,7 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
85cb4d
     apr_bucket *e;
85cb4d
     int do_100_continue;
85cb4d
     conn_rec *origin = p_conn->connection;
85cb4d
+    const char *creds;
85cb4d
     proxy_dir_conf *dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
85cb4d
 
85cb4d
     /*
85cb4d
@@ -3743,6 +3748,11 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
85cb4d
         return HTTP_BAD_REQUEST;
85cb4d
     }
85cb4d
 
85cb4d
+    creds = apr_table_get(r->notes, "proxy-basic-creds");
85cb4d
+    if (creds) {
85cb4d
+        apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
85cb4d
+    }
85cb4d
+
85cb4d
     /* send request headers */
85cb4d
     headers_in_array = apr_table_elts(r->headers_in);
85cb4d
     headers_in = (const apr_table_entry_t *) headers_in_array->elts;