You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Chris Gorman <ch...@cgnet.ca> on 2002/11/14 20:20:26 UTC
[users@httpd] Inability to force https rewrite before password authentication
Hello All,
I have a strange problem here and was wondering if anyone had a solution.
I'm looking to perform a rewrite to https then require the user submit a
username and password. The idea behind this is that the username and
password are submitted encrypted rather than in plain text.
First off version information
Apache: Server version: Apache/1.3.26 (Unix)
Mod_SSL: 2.8.9 (debian 2.8.9-2.1)
I looked at Ralf Engelschall's presentation from apachecon2000 (ref
http://www.modssl.org/docs/apachecon2000/slide-021-n.html ) which does
have a recipie for what I am looking to accomplish. The only problem I
have is it doesn't seem to work for me. The password authentication
happens before the url redirection which isn't desireable in this case.
My configuration
<Directory "/<server-root>/subdir">
Options Indexes FollowSymLinks
AllowOverride All
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/subdir/$1 [R,L]
SSLOptions +StrictRequire
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
Satisfy any
Order deny,allow
deny from all
allow from 192.168.1.0/255.255.255.0
AuthName "Restricted Access"
AuthType Basic
AuthUserFile <path-to>/passwd
Require valid-user
</Directory>
Any ideas or suggestions on how I would overcome this obstacle, or reverse
the order of directive processing so the rewrite happens first?
Thanks
Chris
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org