Re: [us...@httpd] How to redirect ?
On 20.08.10 12:14, Mark Smits wrote: This is going to be a vey very dumb question, so apologies up front. Using WinAMP with Apache 2.2.11. winamp? Don't you mean wamp? I need redirections based on host name. Host1, host2 and host3 all are the same server host1 should be staying at host1 at the same port host2 should be redirected to host2 but different port host3 should be redirceted to host3 but antoher different port. well, just define three virtual hosts where host2 and host3 will have redirect directive in VirtualHost section, or in .htaccess in DocumentRoot. So for example http://host2/ http://host2:6405/InfoViewApp/logon.jsp VirtualHost IP ServerName host2 Redirect temp / http://host2:6405/InfoViewApp/logon.jsp /VirtualHost and if those hosts share the same IP, you must have NameVirtualHost IP directive in your config. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I intend to live forever - so far so good. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How to redirect ?
This is going to be a vey very dumb question, so apologies up front. Using WinAMP with Apache 2.2.11. I need redirections based on host name. Host1, host2 and host3 all are the same server host1 should be staying at host1 at the same port host2 should be redirected to host2 but different port host3 should be redirceted to host3 but antoher different port. So for example http://host2/ http://%3chost2%3e/ http://host2:6405/InfoViewApp/logon.jsphttp://%3chost2%3e:6405/InfoViewApp/logon.jsp I have tried the Redirect directives. I have tried the Rewrite directives. I have put them in httpd.conf file, in the Directory / container and in .htaccess file. The alias and rewrite mods are loaded. My last attempt was the very simple RewriteRuel: RewriteRule http://host2/ http://%3chost2%3e/ http://host2:6405/InfoViewApp/logon.jsphttp://%3chost2%3e:6405/InfoViewApp/logon.jsp No matter what I have tried I always end up at http://host2. It never gets redirected Can someone please give me the exact Rewrite of Redirect directive to use. I am really stumped as why I can not get this to work :-( Thanks for any reply... and sorry to bother you with something as simple as this... Kind regards, Mark
Re: [us...@httpd] How to Redirect to https after login?
On Thu, Oct 29, 2009 at 2:19 PM, Octavian Râsnita orasn...@gmail.com wrote: That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. Isn't OK if the login form uses an action=https://...; attribute? In that case you don't need the redirect the OP asked for. Krist -- krist.vanbes...@gmail.com kr...@vanbesien.org Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How to Redirect to https after login?
Hello,
I need some expert help on the following configuration task:
I have a startpage with a standard login form. After a user logs in, he
should be
redirected to use https for the rest of the session.
When I use a rewrite rule as shown below,
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
the parameters get lost, because the request is translated to a GET request.
What do I need to do, to fix this problem?
Many thanx in advance
Erik
VirtualHost *:49080
ServerName staging.xxx.com
ServerAlias xxx.com xxx.de
DocumentRoot /xxx/htdocs/
DirectoryIndex index.gsp index.html
CustomLog /weblog/httpd/access.log combined
# Define error doc when tomcat is down
ErrorDocument 503 /error/503.html
# Define the proxy connection to tomcat listening on port 49888
ProxyRequests Off
# Define an exception for the path to apache error pages
ProxyPass /error !
# Route all requests to tomcat
ProxyPass / ajp://127.0.0.1:49888/
# Collection of rewrite rules
RewriteEngine On
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
/VirtualHost
--
View this message in context:
http://www.nabble.com/How-to-Redirect-to-https-after-login--tp26110773p26110773.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote:
Hello,
I need some expert help on the following configuration task:
I have a startpage with a standard login form. After a user logs in, he
should be
redirected to use https for the rest of the session.
That's a rather odd requirement. Normally the requirement is to be
redirected to https _before_ logging in. It is, after all, the login
data, that you need to protect.
When I use a rewrite rule as shown below,
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
the parameters get lost, because the request is translated to a GET request.
What do I need to do, to fix this problem?
Use the QSA flag, so the query string doesn't get lost.
Krist
--
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
I already tried this but it doesn't help, because the login- form uses the
POST method to transfer the data and there is no query string.
Krist van Besien wrote:
On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote:
Hello,
I need some expert help on the following configuration task:
I have a startpage with a standard login form. After a user logs in, he
should be
redirected to use https for the rest of the session.
That's a rather odd requirement. Normally the requirement is to be
redirected to https _before_ logging in. It is, after all, the login
data, that you need to protect.
When I use a rewrite rule as shown below,
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
the parameters get lost, because the request is translated to a GET
request.
What do I need to do, to fix this problem?
Use the QSA flag, so the query string doesn't get lost.
Krist
--
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
--
View this message in context:
http://www.nabble.com/How-to-Redirect-to-https-after-login--tp26110773p26112248.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
When I use a rewrite rule as shown below,
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
the parameters get lost, because the request is translated to a GET request.
What do I need to do, to fix this problem?
Use the QSA flag, so the query string doesn't get lost.
QSA only does anything when you're explicitly adding a query string in
your substitution.
OP is redirecting a POST, which is something to be avoided. A simple
HTML redirect in the output of the form-based login makes a lot of
sense.
--
Eric Covener
cove...@gmail.com
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
From: Eric Covener cove...@gmail.com
When I use a rewrite rule as shown below,
RewriteRule ^/login(.*) https://%{SERVER_NAME}/login$1 [R,L]
the parameters get lost, because the request is translated to a GET
request.
What do I need to do, to fix this problem?
Use the QSA flag, so the query string doesn't get lost.
QSA only does anything when you're explicitly adding a query string in
your substitution.
OP is redirecting a POST, which is something to be avoided.
Why should a redirect after POST be avoided?
A simple
HTML redirect in the output of the form-based login makes a lot of
sense.
Why? It makes the process dependent on the browser, which should be avoided.
Thanks.
Octavian
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
From: Krist van Besien krist.vanbes...@gmail.com On Thu, Oct 29, 2009 at 11:46 AM, ericdraven e...@schwagerus.de wrote: Hello, I need some expert help on the following configuration task: I have a startpage with a standard login form. After a user logs in, he should be redirected to use https for the rest of the session. That's a rather odd requirement. Normally the requirement is to be redirected to https _before_ logging in. It is, after all, the login data, that you need to protect. Isn't OK if the login form uses an action=https://...; attribute? The request would be made using HTTPS, not HTTP, so it should be protected, no matter that the original page was using HTTP. Thanks. Octavian - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to Redirect to https after login?
OP is redirecting a POST, which is something to be avoided. Why should a redirect after POST be avoided? It's hairy, and the HTTP/1.1 RFC talks about potential confusion about whether the client will re-submit the POST to the new URL [after prompting the user] or send a GET to the new URL. I also believe there are IE bugs in this area where it drops the body but retains the Content-Length on the redirect. A simple HTML redirect in the output of the form-based login makes a lot of sense. Why? It makes the process dependent on the browser, which should be avoided. A redirect is just as dependent. This allows the request to run to completion, processing the post body, before doing any kind of redirect. You could also modify whatever processes the form-based login, but that's more complicated. You shouldn't depend on either mechanism to enforce that the requests on the other side of the URL are protected by SSL, so IMO there's no exposure to using the HTML. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
