I've followed the instructions on setting up Apache Authentication (have to authenticate against an Active Directory server) here http://wiki.galaxyproject.org/Admin/Config/Apache%20Proxy and it doesn't work for external display sites unfortunately.  The section on display sites suggests the following:

<Location "/root/display_as">
    Satisfy Any
    Order deny,allow
    Deny from all
    Allow from hgw1.cse.ucsc.edu
    Allow from hgw2.cse.ucsc.edu
    Allow from hgw3.cse.ucsc.edu
    Allow from hgw4.cse.ucsc.edu
    Allow from hgw5.cse.ucsc.edu
    Allow from hgw6.cse.ucsc.edu
    Allow from hgw7.cse.ucsc.edu
    Allow from hgw8.cse.ucsc.edu
</Location>

but that doesn't stop Apache requiring authentication.  Only putting the Allow from hgw1.csc.ucsc.edu lines in the Location "/" directive gets past that but then I hit another issue which didn't previously exist where I get an error "redirected to non-http(s): /static/user_disabled.html" which is new since I have had it work with this current install.  It is possible that CentOS has pushed an update onto my server that has changed some subtle behaviour I guess but it is eluding me entirely and Google isn't doing me much good (Samsung, why did you have to exist?!)

For the moment I've disabled the UCSC sites but that isn't a long term solution and I'm stuck because I have to use Apache and AD authentication so I would appreciate hearing from anyone who has figured out how to get this to work.

Shane

--
For urgent cases, contact support@biomatters.com

Dr Shane Sturrock
Senior Scientist
Tel: +64 (0) 9 379 5064
76 Anzac Ave
Auckland
New Zealand