LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] mod_rewrite and mod_auth ordering issue

[ILUG] mod_rewrite and mod_auth ordering issue

Neil Quiogue nquiogue at gmail.com
Fri Jun 24 17:12:00 IST 2005 

Sorry to be clear is that you would need to have a VirtualHost on port
80 with a different DocumentRoot [and thus saving you from accessing
.htaccess]) then redirect to another VirtualHost on port 443 with the
DocumentRoot set to where the .htaccess is along with the AuthConfig.

<VirtualHost 10.10.10.1:80>
   ServerName myserver.company.com
   DocumentRoot /path/to/bogus/docroot
   RedirectPermanent / https://myserver.company.com
</VirtualHost>

<VirtualHost 10.10.10.1:443>
   ServerName myserver.company.com
   DocumentRoot /path/to/real/docroot
</VirtualHost>

Or something like that...

Regards, Neil

2005/6/24, Neil Quiogue <nquiogue at gmail.com>:
> So why not have a VirtualHost listening on port 80 then do a redirect
> on port 443 (https) where you have AuthConfig in?  In that manner, you
> would only have authentication after the redirect on port 443?
> 
> Regards, Neil
> 
> 2005/6/24, Stephen Shirley <diamond at skynet.ie>:
> > Conall O'Brien wrote:
> > > On Thu, Jun 23, 2005 at 02:42:13PM IST, Stephen Shirley
> > > <diamond at skynet.ie> incoherently babbled:
> > >>However, what happens is that i'm prompted for the username and password
> > >>before i'm redirected to ssl, which is useless. Is there any way i can
> > >>get the rewrite to happen before the auth? Thanks,
> > >
> > > I'm not an expert with Apache by any means, but what if you had a
> > > RedirectMatch in place to force http traffic over to https instead of
> > > the Rewrite rule?
> >
> > The main issue with that is that the site can be accessed by various
> > names, in particular, www.site.tld, www.ipv4.site.tld, and
> > www.ipv6.site.tld. Using RedirectMatch doesn't give me the ability to
> > not stomp on the users choice of sitename (and hence on the users
> > explicit choice in ip versions, which can be important).
> >
> > > I'm sure there's a much better way, if someone is happy to share it...
> >
> > Aye, i'm hoping so. In the mean time i've had to resort to leaving out
> > the rewrite stuff (as it doesn't get used, grr), and just putting in
> > 'SSLRequireSSL', which denies access if ssl is not used. It's secure,
> > but not a great solution -(
> >
> > Steve
> >
> > --
> > Irish Linux Users' Group
> > http://www.linux.ie/mailman/listinfo/ilug/
> >
> >
>

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell