httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pawel Osiczko <p.osic...@tetrapyloctomy.org>
Subject [users@httpd] Triggering secure authentication followed by redirection
Date Fri, 10 Mar 2006 01:54:26 GMT

Hello,

I am trying to find a sane and simple way to redirect unauthenticated
user from directory /foo to a secure directory /bar. After
successful authentication occurs in /bar, I would like to redirect 
them back to /foo via http, not https. Is this possible?

Directory /foo is configured with the following rewrite:

<VirtualHost *:80>
  RewriteLog "/var/log/httpd2/rewrite.log"
  RewriteLogLevel 8

  <Directory "/www/foo">
    RewriteEngine   on
    RewriteCond     %{LA-U:REMOTE_USER} ^$
    RewriteRule     (.*) https://www.foobar.com/bar [R,L]

    DirectoryIndex index.php index.html
    AddType application/x-httpd-php .php
    Options Indexes FollowSymlinks MultiViews
    AllowOverride None
  </Directory>
  Alias /foo /www/foo
(...)
</VirtualHost>

<VirtualHost *:443>
(...)
 <Directory "/www/bar">
    DirectoryIndex index.php index.html
    AddType application/x-httpd-php .php
    Options Indexes FollowSymlinks MultiViews
    AllowOverride All
  </Directory>
  Alias /bar /www/bar

</VirtualHost>

Directory bar has .htaccess with

AuthName "Foobar User Login"
AuthType Kerberos
Krb5Keytab /etc/httpd2/auth_kerb.keytab
KrbAuthRealm FOOBAR.COM
KrbMethodNegotiate off
KrbSaveCredentials off
KrbVerifyKDC off
Require valid-user

What am I missing to redirect from /bar to /foo? Is REMOTE_USER set
post authentication in /bar? Attempt to rewrite inside SSL section
with:

RewriteCond     %{LA-U:REMOTE_USER} !^$
RewriteRule     (.*) http://www.foobar/foo [R,L]

fail to redirect to http://www.foobar.com/foo and I am left in
https://www.foobar.com/bar.

Any help would be appreciated.

Thank you!

Pawel

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message