httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Bowen <rbo...@rcbowen.com>
Subject Re: [users@httpd] mod_rewrite redirect to login page
Date Tue, 04 Mar 2014 15:44:27 GMT

On 03/03/2014 05:40 PM, Keith Lawson wrote:
> Hello,
>    # Redirect to pass through authentication if internal
>    #
>    RewriteCond %{REMOTE_ADDR} ^10\..*$
>    RewriteCond %{LA-U:REMOTE_USER} !(.+)
>    RewriteRule ^/kltest/env$ https://sso.lhsc.on.ca/signauto/in [NS]
>    # Redirect to manual authentication if external
>    #
>    RewriteCond %{LA-U:REMOTE_USER} !(.+)
>    RewriteCond %{REMOTE_ADDR}      !^10\..*$
>    RewriteRule ^/kltest/env$ https://sso.lhsc.on.ca/sign/in [NS]
> "Site::SSO" is our in house Apache2::AuthCookie auth handler, the 
> ticket for this is set once you authenticate to one of the pages on 
> "sso.lhsc.on.ca" and "REMOTE_USER" is set if I remove the rewrite 
> rules but mod_rewrite never sees anything in "REMOTE_USER". What am I 
> missing?
>

I suspect that you might be able to do the same thing with

ErrorDocument 403  https://sso.lhsc.on.ca/signauto/in

and avoid the convolutions of mod_rewrite here. Assuming your in-house 
mod_perl auth handler returns a 403 on auth failure.

--Rich


-- 
Rich Bowen - rbowen@rcbowen.com - @rbowen
http://apachecon.com/ - @apachecon


Mime
View raw message