httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minn...@polito.it
Subject Re: [users@httpd] Using both rewrite rules and basic authentication inside .htaccess
Date Fri, 01 Oct 2004 12:18:42 GMT
I just founded this thread on google (from alt.apache.configuration):
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=415bfff4%240%241894%24afc38c87%40news.easynet.fr&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DUTF-8%26group%3Dalt.apache.configuration

with exactly my same problem...

The "possible" solution is clear: with apache 1.3 the module's order 
(LoadModule directive) between mod_auth and mod_rewrite may help to 
force the priority of rewrite stuff over authentication stuff, but with 
apache 2 that's impossible (the auth phase comes BEFORE the rewrite phase).

Mauro

minnoce@polito.it wrote:
> I'm using apache 1.3.31 with mod_rewrite and mod_ssl.
> Both secure and not-secure server use the same document root.
> 
> I want to use both rewrite rules and basic authentication inside a 
> single .htaccess file with this content:
> 
> ######## .htaccess #############################################
> RewriteEngine On
> RewriteCond %{HTTPS} !=on
> RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R=permanent]
> 
> AuthName        "reserved Area"
> AuthType        Basic
> AuthUserFile    /path/to/acl_file
> require valid-user
> ################################################################
> 
> for obtaining automatic redirection to the same URL requested but under 
> SSL (https), when the first connection is not SSL.
> Only when the connection is crypted (under SSL) I want enforce the basic 
> authentication challenge, redirecting automatically to the SSL URL when 
> not.
> 
> I tested the two segments (rewrite stuff and authentication stuff) 
> separately and all works fine, but when combined in the same .htaccess 
> file only the authentication stuff seem's to work and NOT the rewrite 
> part, so the client is prompted for login but not over SSL!
> 
> Anyone know a working solution for this?
> 
> Thanks,
> Mauro
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message