You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Daniel Berhane <db...@gmail.com> on 2005/11/28 17:15:02 UTC
[users@httpd] Apache 2.0 mod_rewrite and mod_auth_ldap problems
We are in the process of setting up access control for our new Intranet
which is Plone and Zope application running on port 8080. The access control
should allow all our company users within the Firewall read access to the
Intranet server without login. Outside the Firewall, all users have to
authenticate to have read access.
We are using Apache modules mod_auth_ldap for access control and mod_rewrite
to map the URL and into a shorter friendly domain name with the standard
http port 80. The mod_auth_ldap configuration and mod_rewrite configuration
work well separately but create problems when we try to put them together.
We want outside Firewall users to authenticate and want mod_rewrite to
transfer the URL. The main problem, we have is the authentication directives
work only under the context of "directory" and because the Plone & Zope is a
separate application server running under a different port, the mod_rewrite
module does not seem to run under the context of "directory". Please have a
look at the current Apache configuration below. The mod_rewrite part works
OK but no authentication happens. There may be another solution to the
problem and I would be grateful to hear your comments and suggestions. I
know the information I've given you may not be detailed enough, but I will
be happy to discuss it with you if you need more details ...
<VirtualHost *:80>
ServerName intranet.mycompany.com
RewriteEngine On
RewriteRule ^/(.*)
http://localhost:8080/VirtualHostBase/http/intranet.mycompany.com:80/Plone/VirtualHostRoot/$1[L,P]
<Directory />
order deny,allow
deny from all
allow from 172.24
AuthType Basic
AuthName "Company Intranet"
LDAP_Debug On
LDAP_Server ldap.company.com
LDAP_Connect_Timeout 1000
Base_DN "o=company"
require valid-user
Satisfy any
</Directory>
</VirtualHost>
thanks,
Daniel.
Re: [users@httpd] Apache 2.0 mod_rewrite and mod_auth_ldap problems
Posted by Jason Martens <jm...@cityofevanston.org>.
On Mon, 2005-11-28 at 16:15 +0000, Daniel Berhane wrote:
***** Snip *****
> authenticate and want mod_rewrite to transfer the URL. The main
> problem, we have is the authentication directives work only under the
> context of "directory" and because the Plone & Zope is a separate
> application server running under a different port, the mod_rewrite
> module does not seem to run under the context of "directory".
******* Snip ******
That is not true. You can put authentication directives in both
<Directory> and <Location> contexts. From the apache documentation at
http://httpd.apache.org/docs/2.0/mod/directive-dict.html#Context
"directory
A directive marked as being valid in this context may be used
inside <Directory>, <Location>, and <Files> containers in the
server configuration files, subject to the restrictions outlined
in How Directory, Location and Files sections work."
Jason Martens
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org