You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Pawel Osiczko <p....@tetrapyloctomy.org> on 2006/03/10 02:54:26 UTC
[users@httpd] Triggering secure authentication followed by redirection
Hello,
I am trying to find a sane and simple way to redirect unauthenticated
user from directory /foo to a secure directory /bar. After
successful authentication occurs in /bar, I would like to redirect
them back to /foo via http, not https. Is this possible?
Directory /foo is configured with the following rewrite:
<VirtualHost *:80>
RewriteLog "/var/log/httpd2/rewrite.log"
RewriteLogLevel 8
<Directory "/www/foo">
RewriteEngine on
RewriteCond %{LA-U:REMOTE_USER} ^$
RewriteRule (.*) https://www.foobar.com/bar [R,L]
DirectoryIndex index.php index.html
AddType application/x-httpd-php .php
Options Indexes FollowSymlinks MultiViews
AllowOverride None
</Directory>
Alias /foo /www/foo
(...)
</VirtualHost>
<VirtualHost *:443>
(...)
<Directory "/www/bar">
DirectoryIndex index.php index.html
AddType application/x-httpd-php .php
Options Indexes FollowSymlinks MultiViews
AllowOverride All
</Directory>
Alias /bar /www/bar
</VirtualHost>
Directory bar has .htaccess with
AuthName "Foobar User Login"
AuthType Kerberos
Krb5Keytab /etc/httpd2/auth_kerb.keytab
KrbAuthRealm FOOBAR.COM
KrbMethodNegotiate off
KrbSaveCredentials off
KrbVerifyKDC off
Require valid-user
What am I missing to redirect from /bar to /foo? Is REMOTE_USER set
post authentication in /bar? Attempt to rewrite inside SSL section
with:
RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule (.*) http://www.foobar/foo [R,L]
fail to redirect to http://www.foobar.com/foo and I am left in
https://www.foobar.com/bar.
Any help would be appreciated.
Thank you!
Pawel
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org