You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Diana Shepard <Di...@cusys.edu> on 2005/12/20 01:08:20 UTC
[users@httpd] https RewriteRule before authentication
I am running Apache 2.0.53 on Sun Solaris 9.
I am trying to force the use of https for a particular web site.
I've done:
<VirtualHost *:80>
ServerName www.somewhere.com
RewriteEngine On
RewriteCond %{REQUEST_URI} /somestring/
RewriteRule ^(.*)$ https://www.somewhere.com/$1
</VirtualHost>
The problem is that the user must first be authenticated
against an ldap
and that password authentication happens before the
redirect;
defeats the whole purpose. The purpose is to encrypt the
login to the ldap.
Any suggestions?
Diana Shepard
University of Colorado, Boulder
303-492-9201
Diana Shepard
University of Colorado
University Management Systems
Unix System Admin
diana.shepard@cusys.edu
303-492-9201
Re: [users@httpd] https RewriteRule before authentication
Posted by Joshua Slive <jo...@slive.ca>.
On 12/19/05, Diana Shepard <Di...@cusys.edu> wrote:
>
>
> I am running Apache 2.0.53 on Sun Solaris 9.
>
> I am trying to force the use of https for a particular web site.
> I've done:
>
>
> <VirtualHost *:80>
> ServerName www.somewhere.com
> RewriteEngine On
> RewriteCond %{REQUEST_URI} /somestring/
> RewriteRule ^(.*)$ https://www.somewhere.com/$1
> </VirtualHost>
>
> The problem is that the user must first be authenticated against an ldap
> and that password authentication happens before the redirect;
> defeats the whole purpose. The purpose is to encrypt the login to the ldap.
>
> Any suggestions?
Scope the login directives inside the <VirtualHost :443> section.
Joshua.