httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michele Marcionelli" <>
Subject [users@httpd] %{HTTP:Authorization}
Date Wed, 12 Nov 2003 12:35:09 GMT

I'm using Apache 2.0.40 on Red Hat Linux 9.

I want to use a rewrite condition to redirect all HTTP authentications to a
secure connection (SSL, https).

What shall I do? I tryed the following rewiterule:

  RewriteCond %{HTTP:Authorization} ^.+
  RewriteRule ^(.*) https://%{HTTP_HOST}$1 [R,L]

This does't work correctly. What happend is the following:

1. I'm asked to enter (on http) username and password
2. the RewriteCond matched the condition and switch to https
3. I'm asked again to enter username and password again (!!)

The problem is (1.)... the password is sent over http and not https.

Can someone help me?

Michele Marcionelli - webmaster@math - Phone: +41 1 632 6193
Address: HG G 14 - Rämistrasse 101 - 8092 Zürich - Switzerland

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message