You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Thomas Hart <to...@coopfed.org> on 2007/12/25 00:19:58 UTC
[users@httpd] mod_rewrite exception
Hello everybody. I have an especially strange one today.
As some of you may be aware, apache has a bug in how it handles pooled
connections to an ldap server (to be fair, it's not an apache bug, it's
a problem with windows active directory acting differently than it's
supposed to). The gist of it is that if apache doesn't connect to a
Windows 2003 Active Directory server to do an ldap auth for 10 minutes,
then the connection times out. However the communication between the
ldap server and apache is not handled correctly and apache bounces the
request with a 500 internal server error. There are a couple patches on
the bugzilla for this, however re-compiling apache is not an option for
me at this time unfortunately.
My current idea for a workaround is this. I'd like to set up a cron job
(the windows equivalent anyway) that connects to the apache server and
sends http headers with auth info every 5 minutes, so that the apache
server is reusing that connection every 5 minutes, thus keeping it from
reaching the "fail state". I've crafted a script that sends pre-crafted
http headers to the web server, containing the auth information. Here's
my issue:
I have a rewrite rule
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
that takes all requests and changes them to https (seems to even if the
web address is https). This causes apache to respond with a "page has
moved" page, and it doesn't request the auth info. What I need to do is
this (sorry for the long explanation).
I need to modify my rewrite rule, so that it excludes one page
(https://server/testing/test.php). This way I can request that page, and
apache will pay attention to the auth headers, and my goal will be
accomplished :-) Any regex/rewrite gurus that can point me in the right
direction?
TIA
--
Tom Hart
IT Specialist
Cooperative Federal
723 Westcott St.
Syracuse, NY 13210
(315) 471-1116 ext. 202
(315) 476-0567 (fax)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite exception
Posted by so...@apache.org.
On 12/24/07, Thomas Hart <to...@coopfed.org> wrote:
> As some of you may be aware, apache has a bug in how it handles pooled
> connections to an ldap server (to be fair, it's not an apache bug, it's
> a problem with windows active directory acting differently than it's
> supposed to). The gist of it is that if apache doesn't connect to a
> Windows 2003 Active Directory server to do an ldap auth for 10 minutes,
> then the connection times out. However the communication between the
> ldap server and apache is not handled correctly and apache bounces the
> request with a 500 internal server error. There are a couple patches on
> the bugzilla for this, however re-compiling apache is not an option for
> me at this time unfortunately.
>
> My current idea for a workaround is this. I'd like to set up a cron job
> (the windows equivalent anyway) that connects to the apache server and
> sends http headers with auth info every 5 minutes, so that the apache
> server is reusing that connection every 5 minutes, thus keeping it from
> reaching the "fail state". I've crafted a script that sends pre-crafted
> http headers to the web server, containing the auth information. Here's
> my issue:
>
> I have a rewrite rule
>
> RewriteEngine on
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
>
> that takes all requests and changes them to https (seems to even if the
> web address is https). This causes apache to respond with a "page has
> moved" page, and it doesn't request the auth info. What I need to do is
> this (sorry for the long explanation).
>
> I need to modify my rewrite rule, so that it excludes one page
> (https://server/testing/test.php). This way I can request that page, and
> apache will pay attention to the auth headers, and my goal will be
> accomplished :-) Any regex/rewrite gurus that can point me in the right
> direction?
>
> TIA
> Tom Hart
Add conditions to test the protocol and bypass the specific URL.
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{SERVER_PROTOCOL} !^https$ [NC]
RewriteCond %{REQUEST_URI} !^/testing/test\.php$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
For your example, the specific URL test will not be needed if the
protocol test works properly.
HTH,
solprovider
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org