Re: [us...@httpd] How to redirect ?
On 20.08.10 12:14, Mark Smits wrote: This is going to be a vey very dumb question, so apologies up front. Using WinAMP with Apache 2.2.11. winamp? Don't you mean wamp? I need redirections based on host name. Host1, host2 and host3 all are the same server host1 should be staying at host1 at the same port host2 should be redirected to host2 but different port host3 should be redirceted to host3 but antoher different port. well, just define three virtual hosts where host2 and host3 will have redirect directive in VirtualHost section, or in .htaccess in DocumentRoot. So for example http://host2/ http://host2:6405/InfoViewApp/logon.jsp VirtualHost IP ServerName host2 Redirect temp / http://host2:6405/InfoViewApp/logon.jsp /VirtualHost and if those hosts share the same IP, you must have NameVirtualHost IP directive in your config. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I intend to live forever - so far so good. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How to redirect ?
This is going to be a vey very dumb question, so apologies up front. Using WinAMP with Apache 2.2.11. I need redirections based on host name. Host1, host2 and host3 all are the same server host1 should be staying at host1 at the same port host2 should be redirected to host2 but different port host3 should be redirceted to host3 but antoher different port. So for example http://host2/ http://%3chost2%3e/ http://host2:6405/InfoViewApp/logon.jsphttp://%3chost2%3e:6405/InfoViewApp/logon.jsp I have tried the Redirect directives. I have tried the Rewrite directives. I have put them in httpd.conf file, in the Directory / container and in .htaccess file. The alias and rewrite mods are loaded. My last attempt was the very simple RewriteRuel: RewriteRule http://host2/ http://%3chost2%3e/ http://host2:6405/InfoViewApp/logon.jsphttp://%3chost2%3e:6405/InfoViewApp/logon.jsp No matter what I have tried I always end up at http://host2. It never gets redirected Can someone please give me the exact Rewrite of Redirect directive to use. I am really stumped as why I can not get this to work :-( Thanks for any reply... and sorry to bother you with something as simple as this... Kind regards, Mark
Re: [us...@httpd] How to Redirect to https after login?
On Thu, Oct 29, 2009 at 2:19 PM, Octavian Râsnita orasn...@gmail.com wrote: That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. Isn't OK if the login form uses an action=https://...; attribute? In that case you don't need the redirect the OP asked for. Krist -- krist.vanbes...@gmail.com kr...@vanbesien.org Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How to Redirect to https after login?
Hello, I need some expert help on the following configuration task: I have a startpage with a standard login form. After a user logs in, he should be redirected to use https for the rest of the session. When I use a rewrite rule as shown below, RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] the parameters get lost, because the request is translated to a GET request. What do I need to do, to fix this problem? Many thanx in advance Erik VirtualHost *:49080 ServerName staging.xxx.com ServerAlias xxx.com xxx.de DocumentRoot /xxx/htdocs/ DirectoryIndex index.gsp index.html CustomLog /weblog/httpd/access.log combined # Define error doc when tomcat is down ErrorDocument 503 /error/503.html # Define the proxy connection to tomcat listening on port 49888 ProxyRequests Off # Define an exception for the path to apache error pages ProxyPass /error ! # Route all requests to tomcat ProxyPass / ajp://127.0.0.1:49888/ # Collection of rewrite rules RewriteEngine On RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] /VirtualHost -- View this message in context: http://www.nabble.com/How-to-Redirect-to-https-after-login--tp26110773p26110773.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote: Hello, I need some expert help on the following configuration task: I have a startpage with a standard login form. After a user logs in, he should be redirected to use https for the rest of the session. That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. When I use a rewrite rule as shown below, RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] the parameters get lost, because the request is translated to a GET request. What do I need to do, to fix this problem? Use the QSA flag, so the query string doesn't get lost. Krist -- krist.vanbes...@gmail.com kr...@vanbesien.org Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
I already tried this but it doesn't help, because the login- form uses the POST method to transfer the data and there is no query string. Krist van Besien wrote: On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote: Hello, I need some expert help on the following configuration task: I have a startpage with a standard login form. After a user logs in, he should be redirected to use https for the rest of the session. That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. When I use a rewrite rule as shown below, RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] the parameters get lost, because the request is translated to a GET request. What do I need to do, to fix this problem? Use the QSA flag, so the query string doesn't get lost. Krist -- krist.vanbes...@gmail.com kr...@vanbesien.org Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -- View this message in context: http://www.nabble.com/How-to-Redirect-to-https-after-login--tp26110773p26112248.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
When I use a rewrite rule as shown below, RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] the parameters get lost, because the request is translated to a GET request. What do I need to do, to fix this problem? Use the QSA flag, so the query string doesn't get lost. QSA only does anything when you're explicitly adding a query string in your substitution. OP is redirecting a POST, which is something to be avoided. A simple HTML redirect in the output of the form-based login makes a lot of sense. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
From: Eric Covener cove...@gmail.com When I use a rewrite rule as shown below, RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L] the parameters get lost, because the request is translated to a GET request. What do I need to do, to fix this problem? Use the QSA flag, so the query string doesn't get lost. QSA only does anything when you're explicitly adding a query string in your substitution. OP is redirecting a POST, which is something to be avoided. Why should a redirect after POST be avoided? A simple HTML redirect in the output of the form-based login makes a lot of sense. Why? It makes the process dependent on the browser, which should be avoided. Thanks. Octavian - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
From: Krist van Besien krist.vanbes...@gmail.com On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote: Hello, I need some expert help on the following configuration task: I have a startpage with a standard login form. After a user logs in, he should be redirected to use https for the rest of the session. That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. Isn't OK if the login form uses an action=https://...; attribute? The request would be made using HTTPS, not HTTP, so it should be protected, no matter that the original page was using HTTP. Thanks. Octavian - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
OP is redirecting a POST, which is something to be avoided. Why should a redirect after POST be avoided? It's hairy, and the HTTP/1.1 RFC talks about potential confusion about whether the client will re-submit the POST to the new URL [after prompting the user] or send a GET to the new URL. I also believe there are IE bugs in this area where it drops the body but retains the Content-Length on the redirect. A simple HTML redirect in the output of the form-based login makes a lot of sense. Why? It makes the process dependent on the browser, which should be avoided. A redirect is just as dependent. This allows the request to run to completion, processing the post body, before doing any kind of redirect. You could also modify whatever processes the form-based login, but that's more complicated. You shouldn't depend on either mechanism to enforce that the requests on the other side of the URL are protected by SSL, so IMO there's no exposure to using the HTML. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org