httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] https RewriteRule before authentication
Date Tue, 20 Dec 2005 00:57:47 GMT
On 12/19/05, Diana Shepard <Diana.Shepard@cusys.edu> wrote:
>
>
> I am running Apache 2.0.53 on Sun Solaris 9.
>
> I am trying to force the use of https for a particular web site.
> I've done:
>
>
> <VirtualHost *:80>
> ServerName www.somewhere.com
> RewriteEngine On
> RewriteCond %{REQUEST_URI} /somestring/
> RewriteRule ^(.*)$ https://www.somewhere.com/$1
> </VirtualHost>
>
> The problem is that the user must first be authenticated against an ldap
> and that password authentication happens before the redirect;
> defeats the whole purpose. The purpose is to encrypt the login to the ldap.
>
> Any suggestions?

Scope the login directives inside the <VirtualHost :443> section.

Joshua.
Mime
View raw message