httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Georg <>
Subject AW: [users@httpd] If statement evaluating an http header against a pattern is always true even though it should not
Date Wed, 04 Nov 2015 13:23:28 GMT
Hi Eric, et all 

this would explain the issue I am having. I am not that familiar with apache. Do you have
any suggestion how I can perform the reverse proxying based on the X-auth header? or any suggestion
how to use another kind of variable which will set conditionally? Including the Proxypass
statement directly within the iff statement is not possible


Von: Eric Covener <>
Gesendet: Mittwoch, 4. November 2015 13:56
Betreff: Re: [users@httpd] If statement evaluating an http header against a pattern is always
true even though it should not

I think your problem is that Define is executed immediately when it's
read, at startup. It's a rare special case like e.g. Include.

It cannot be processeed per-request, which is what <if> is for. I
vaguelly recall a later discussion/patch blocking that Context for

On Wed, Nov 4, 2015 at 7:41 AM, Christian Georg <> wrote:
> Hi all,
> I am running an apache 2.4.7 on CentOS 6.7
> I am trying to perform request routing within a reverse proxy based on the
> x-auth header, but for some reasons the if and elseif statements are alwyas
> evalutaing to true.
> Here is the part from the config. This is contained in the virtual host
> section of my config file.
> # making sure that the variables do have a default value, if none of the if
> statements are during true then these values should show up
> Define ifLocation1 False
> Define ifLocation2 False
> Define ServerLocation Location-default
> <If "%{HTTP:x-auth} -strcmatch 'XXXXXXXX' " >
>       Define ServerLocation Location-1
>       Define ifLocation1 true
> </If>
> <ElseIf "%{HTTP:x-auth} =~ m#YYYYYYY#i " >
>        Define ServerLocation Location-2
>        Define ifLocation2 true
> </ElseIf>
> I am using strcmatch and =~ for testing purposes to find out which matches
> my needs. what I would actually like to achieve is a check if the token ends
> with with XXXXXXX and then move to Location-1 or with YYYYYY and move to
> Location-2. in all other cases I want to use the default location.
> The token we use in the x-auth header do neither contain XXXXXXXX nor
> YYYYYYY so I would expect the Server Location to be "Location-default"
> The part I do not understand is why ifLocation1 and ifLocation2 are both set
> to true and the ServerLocation contains the value of the last define
> statement, which is "Location-2"
> For logging of the relevant info I am using the following statement
> CustomLog ${APACHE_LOG_DIR}/token.log "i:%{x-auth}i o:%{x-auth}o
> decision:${ServerLocation}  Statement1:${ifLocation1}
> Statement2:${ifLocation2}
> For requests that do not contain a token or x-auth header I am getting
> i:- o:-  decision:Location-2  Statement1:true Statement2:true
> For requests with a token I am getting pretty much the same, jsut with a
> token included
> i:itwefq9od2j9r2a0f9tz03djkattwerawg_fddsdwra_wrqs o:-  decision:Location-2
> Statement1:true Statement2:true
> I am currently running out of ideas on what I am doing wrong and why the if
> statements always evaluate to true. Any help is appreciated
> Thanks
> Chris

Eric Covener

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message