httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Daley <tim.da...@cru.org>
Subject [users] login form
Date Mon, 09 Jun 2014 18:44:56 GMT
I am struggling with getting a login form working. I am attempting to do it
pretty much all in html/httpd2.4. It looks like this method ought to work.
service httpd24-httpd configtest shows no errors.

Here are my login pages:

[root@ulcloud01 html]# cat login.html

<html>

<head><TITLE>Login Page</TITLE></head>

<body>

<div style="width:220px;padding:10px;border:5px solid gray;margin:10px;">

       <form method="POST">

               UserName: <input type="text" name="httpd_username"

                       value="" autofocus="autofocus" style="float:right"/>

               <br>

               <br>

               Password: <input type=password name="httpd_password"

                       value="" style="float:right"/>

               <br>

               <br>

               <center>

                       <input type="submit" name="login" value="Login"/>

               </center>

       </form>

</div>

<a href="/loggedout.html">Log out</a>

</body>

</html>

[root@ulcloud01 html]# cat dologin.html

<html>

<body>

dologin

<br>

</body>

</html>

[root@ulcloud01 html]# cat success.html

<html>

<body>

Login Success

<br>

</body>

</html>

[root@ulcloud01 html]# cat failure.html

<html>

<head><TITLE>Login Failure</TITLE></head>

<body>

<div style="width:220px;padding:10px;border:5px solid gray;margin:10px;">

       <form method="POST" action="">

               UserName: <input type="text" name="httpd_username"

                       value="" autofocus="autofocus" style="float:right"/>

               <br>

               <br>

               Password: <input type=password name="httpd_password"

                       value="" style="float:right"/>

               <br>

               <br>

               <center>

                       <input type="submit" name="login" value="Login"/>

               </center>

       </form>

</div>

</body>

</html>

[root@ulcloud01 html]#

My httpd;conf is pretty basic. I've added a cloud.conf as follows:

[root@ulcloud01 conf.d]# cat cloud.conf

<VirtualHost *:80>

ServerName ulcloud01.ccci.org

RewriteEngine On

RewriteCond %{HTTPS} !=on

RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

</VirtualHost>

<VirtualHost _default_:443>

ServerName ulcloud01.ccci.org

DocumentRoot /opt/rh/httpd24/root/var/www/html

Session On

SessionEnv On

SessionCookieName session path=/

SessionHeader X-Replace-Session

SessionCryptoPassphrase secret

SSLEngine On

</VirtualHost>

<Location /dologin.html>

SetHandler form-login-handler

SetHandler form-logout-handler

AuthFormAuthoritative off

       AuthFormLoginRequiredLocation /login.html

       AuthFormLoginSuccessLocation /success.html

       AuthFormLogoutLocation /loggedout.html

ErrorDocument 401 /failure.html

AuthFormProvider file

AuthUserFile conf/passwd

AuthType form

AuthName realm

AuthFormBody httpd_body

AuthFormDisableNoStore Off

AuthFormFakeBasicAuth Off

AuthFormLocation httpd_location

AuthFormMethod httpd_method

AuthFormMimetype httpd_mimetype

AuthFormUsername httpd_username

AuthFormPassword httpd_password

AuthFormSize 8192

Session On

SessionCookieName session path=/

SessionCryptoPassphrase none

SSLRequireSSL

</Location>

SSLSessionCache shmcb:/etc/apache2/path/ssl_scache(512000)

SSLRandomSeed startup builtin

SSLRandomSeed connect builtin

SSLCertificateFile /opt/rh/httpd24/root/etc/httpd/ssl/apache.crt

SSLCertificateKeyFile /opt/rh/httpd24/root/etc/httpd/ssl/apache.key

[root@ulcloud01 conf.d]#


If I go to https://ulcloud01.ccci.org/login.html and enter an either a
valid or invalid userid/password combination and click logout, the result
is the same. The login.html page is redisplayed. Here's the error_log:


\[Mon Jun 09 14:41:17.864869 2014] [core:trace5] [pid 4356]
protocol.c(618): [client 10.10.92.13:55231] Request received from client:
POST /login.html HTTP/1.1

[Mon Jun 09 14:41:17.864978 2014] [http:trace4] [pid 4356]
http_request.c(301): [client 10.10.92.13:55231] Headers received from
client:, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865004 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Host: ulcloud01.ccci.org,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865039 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   User-Agent: Mozilla/5.0
(Macintosh; Intel Mac OS X 10.9; rv:29.0) Gecko/20100101 Firefox/29.0,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865058 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865079 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Accept-Language:
en-US,en;q=0.5, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865097 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Accept-Encoding: gzip,
deflate, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865114 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Referer:
https://ulcloud01.ccci.org/login.html, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865131 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Connection: keep-alive,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865147 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Content-Type:
application/x-www-form-urlencoded, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865164 2014] [http:trace4] [pid 4356]
http_request.c(305): [client 10.10.92.13:55231]   Content-Length: 65,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865374 2014] [authz_core:debug] [pid 4356]
mod_authz_core.c(802): [client 10.10.92.13:55231] AH01626: authorization
result of Require all granted: granted, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865405 2014] [authz_core:debug] [pid 4356]
mod_authz_core.c(802): [client 10.10.92.13:55231] AH01626: authorization
result of <RequireAny>: granted, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865424 2014] [core:trace3] [pid 4356] request.c(238):
[client 10.10.92.13:55231] request authorized without authentication by
access_checker_ex hook: /login.html, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865637 2014] [core:debug] [pid 4356]
util_cookies.c(129): [client 10.10.92.13:55231] AH00009: ap_cookie: user
'(null)' removed cookie: 'session=;Max-Age=0;path=/', referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865696 2014] [http:trace3] [pid 4356]
http_filters.c(963): [client 10.10.92.13:55231] Response sent with status
200, headers:, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865718 2014] [http:trace5] [pid 4356]
http_filters.c(970): [client 10.10.92.13:55231]   Date: Mon, 09 Jun 2014
18:41:17 GMT, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865861 2014] [http:trace5] [pid 4356]
http_filters.c(973): [client 10.10.92.13:55231]   Server: Apache/2.4.6 (Red
Hat) OpenSSL/1.0.0-fips mod_auth_kerb/5.4 mod_wsgi/3.4 Python/2.7.5
mod_perl/2.0.8-dev Perl/v5.16.3, referer:
https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865885 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Set-Cookie:
session=;Max-Age=0;path=/, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865914 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Last-Modified: Mon, 09
Jun 2014 18:18:34 GMT, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865935 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   ETag:
\\"209-4fb6b3d4446b5\\", referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865952 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Accept-Ranges: bytes,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865969 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Content-Length: 521,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.865997 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Cache-Control: no-cache,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866014 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Set-Cookie:
session=;Max-Age=0;path=/, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866030 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Keep-Alive: timeout=5,
max=100, referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866046 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Connection: Keep-Alive,
referer: https://ulcloud01.ccci.org/login.html

[Mon Jun 09 14:41:17.866062 2014] [http:trace4] [pid 4356]
http_filters.c(806): [client 10.10.92.13:55231]   Content-Type: text/html;
charset=UTF-8, referer: https://ulcloud01.ccci.org/login.html

Mime
View raw message