httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bryan Richardson" <btri...@gmail.com>
Subject [users@httpd] Question about Apache SSL and Rewrites
Date Sun, 16 Dec 2007 17:17:08 GMT
Hello all,

I've set up a Trac site on my server, and I'm trying to configure it such
that when a user attempts to login, SSL is used.  I *think* I've configured
my rewrites correctly (see below), but after the login occurs the site is
still using SSL.  I only want to use SSL for the actual act of logging in,
and nothing else.  Can anyone help me with this?  See my site configuration
files below for what I have so far.  Thanks!

P.S. Can anyone tell me what SSLRequireSSL does and if it's actually
necessary?

#### Apache2 default site config file ####

<VirtualHost 127.0.0.1:80>
    ServerAdmin webmaster@localhost

    DocumentRoot /home/foo/public_html/

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    <Directory /home/foo/public_html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all

        RewriteEngine On
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule trac/[^/]+/login$ https://%{SERVER_NAME}%{REQUEST_URI}
[L,R]
    </Directory>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/foo/public_html/trac/
        PythonOption TracUriRoot /trac
    </Location>

    <Location /svn>
        DAV svn
        SVNParentPath /home/foo/svn/
        AuthType Basic
        AuthName "Subversion Repository"
        AuthUserFile /home/foo/.passwd
        AuthzSVNAccessFile /home/foo/.authz
        Require valid-user
    </Location>
</VirtualHost>

<VirtualHost 127.0.0.1:443>
    DocumentRoot /home/foo/public_html/

    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/selfsigned.pem
    SSLCertificateKeyFile /etc/apache2/ssl/selfsigned.pem

    <Location /trac>
       SSLRequireSSL On
    </Location>

    <Directory /trac>
      Options FollowSymLinks
      AllowOverride None
    </Directory>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/foo/public_html/trac/
        PythonOption TracUriRoot /trac
    </Location>

    <LocationMatch "/trac/[^/]+/login">
        AuthType Basic
        AuthName "Trac"
        AuthUserFile /home/foo/.passwd
        Require valid-user
    </LocationMatch>

</VirtualHost>

Mime
View raw message