Re: [users@httpd] https before auth
I'm not sure but add: SSLOptions +StrictRequire SSLRequireSSL seems resolve the problem Is it correct? thanks! > Hi all :-) > > working on my last post I configured a https rewrite and auth basic: > > default > [...] > > > > RewriteEngine on > RewriteCond %{HTTPS} !^on$ [NC] > RewriteRule . https://example.org/test [L] > > > > [...] > > default-ssl > > [...] > > Options +SymLinksIfOwnerMatch +Multiviews +Indexes > AuthType Basic > AuthName "Authentication Required" > AuthUserFile "/etc/htpasswd/test" > Require valid-user > Order allow,deny > Allow from all > > [...] > > Now: when I do http://example.org/test, I see access form to > authentication before the rewrite to https (or no?) - because after login > I'm in https page. > > Is my authentication encrypted, I think no... any idea? > > Thanks for help! > > Pol > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] https before auth
Hi all :-) working on my last post I configured a https rewrite and auth basic: default [...] RewriteEngine on RewriteCond %{HTTPS} !^on$ [NC] RewriteRule . https://example.org/test [L] [...] default-ssl [...] Options +SymLinksIfOwnerMatch +Multiviews +Indexes AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/htpasswd/test" Require valid-user Order allow,deny Allow from all [...] Now: when I do http://example.org/test, I see access form to authentication before the rewrite to https (or no?) - because after login I'm in https page. Is my authentication encrypted, I think no... any idea? Thanks for help! Pol - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] incomplete mod_filter substitution results
I have been attempting to use mod_filter with mod_substitute to modify the response stream and change the back-end server host name and protocol in content being returned to users beyond the firewall. The proxy server is fronting Windchill PLM software, which uses an apache proxy in front of tomcat. The rules I am using correctly replace most occurrences but fails consistently for certain link references. It looks like the problem links have anchor tags with special characters. What *should* happen is that all host references should be changed from http to https and the server name changed from mike to lima. #ORIGINAL RESPONSE http://mike.***.***.ca/Windchill/netmarkets/images/sp.gif";> http://mike.***.***.ca/Windchill/netmarkets/images/default_leaf.png";> http://mike.***.***.ca/Windchill/app/#ptc1/library/listFiles?oid=OR%3Awt.inf.library.WTLibrary%3A207909254&u8=1"; hidefocus="on"> #PROCESSED RESPONSE https://lima.***.***.ca/Windchill/netmarkets/images/sp.gif";> https://lima.***.***.ca/Windchill/netmarkets/images/default_leaf.png";> http://mike.***.***.ca/Windchill/app/#ptc1/library/listFiles?oid=OR%3Awt.inf.library.WTLibrary%3A207909254&u8=1"; hidefocus="on"> Notice the last link in the processed content was left untouched. The rule to replace content looks like: RequestHeader unset Accept-Encoding FilterDeclare wcproxy FilterProvider wcproxy SUBSTITUTE Content-Type /text|json/ FilterChain + FilterTrace wcproxy 1 Substitute "s|(http)://mike(.*)|$1s://lima$2|i" So, is this a known limitation in mod_filter or a bug that I should report? PLATFORM DETAILS: System details: Red Hat Enterprise Linux Server release 6.3 (Santiago) Linux lima.***.***.ca 2.6.32-279.5.2.el6.x86_64 #1 SMP Tue Aug 14 11:36:39 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux CentOS release 6.4 (Final) Linux centosvm 2.6.32-358.11.1.el6.x86_64 #1 SMP Wed Jun 12 03:34:52 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Apache versions: Server version: Apache/2.2.25 (Unix) Server built: Jul 8 2013 12:46:53 Server version: Apache/2.2.15 (Unix) Server built: Apr 29 2013 04:13:12 Loaded Modules: core_module (static) authn_file_module (static) authn_default_module (static) authz_host_module (static) authz_groupfile_module (static) authz_user_module (static) authz_default_module (static) auth_basic_module (static) include_module (static) filter_module (static) log_config_module (static) env_module (static) setenvif_module (static) version_module (static) mpm_prefork_module (static) http_module (static) mime_module (static) status_module (static) autoindex_module (static) asis_module (static) cgi_module (static) negotiation_module (static) dir_module (static) actions_module (static) userdir_module (static) alias_module (static) so_module (static) substitute_module (shared) proxy_module (shared) proxy_http_module (shared) ssl_module (shared) headers_module (shared) Syntax OK Thanks. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Issue with URL Rewriting
Le 10/07/2013 00:18, Eric Covener a écrit : RewriteEngine On RewriteCond %{DOCUMENT_ROOT}/mysite/pictures%{REQUEST_URI} -f RewriteRule ^(.+) /mysite/pictures/$1 [L] Unfortunately it doesn't work, because %{REQUEST_URI}contains also /mysite... Indeed if I request /mysite/icon.png, the input of RewriteCond is '/home/yvand/www/mysite/pictures/mysite/icon.png' My question is how can I access to the URI in RewriteCond? When I say URI I do not mean REQUEST_URI but just icon.png in my example, which is the value used by RewriteRule. Since you captured it, it's $1 in the RewriteCond. I think that's the only way to get at the suffix of the path you're implicitly comparing against when you do rewrite in htaccess. Great! Thank you, it works! I didn't think one instant it was possible to use $1 in RewriteCond.. In my opinion, it is strange that RewriteRule are treated before RewriteCond. --yvand - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org