Sure, just tell Apache to protect your whole https document tree. Then
whenever a user tries to get a document out of there, Apache will insist
he/she be authenticated.
-Original Message-
From: Harald Falkenberg [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 05, 2001 3:00 PM
To: [EMAI
Hi Joshua,
your described solution looks like the way I'm looking for. Can you please
give me a piece of configuration? I'm not so familiar with handler
handlings. So it would help me a lot.
Do you think it is possible to use the rewrite mod instead of perl for
this purpose?
thanks in advance
I use mod_rewrite to redirect all http traffic to https.
#
# Mod rewrite
#
# rewrite environment
RewriteEngine on
RewriteLog /www/apache/logs/https_rewrite_log
RewriteLogLevel 1
# redirect http to https
# If you don't try to access https,
Hi Harald,
> One step is still missing in my chain: I like to change from http to https
> not depending on the directory or location tag. I like to switch as soon
> as an authorization is required. This is more flexible.
I too tried to take it this direction first. So I added a bunch of stuff
Hi Harald,
> your described solution looks like the way I'm looking for. Can you please
> give me a piece of configuration? I'm not so familiar with handler
> handlings. So it would help me a lot.
Sure, your tag would look like:
AuthName "Whats the secret knock"
On 12 February 2001 17:35, [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]] wrote:
> The switch is by appending https to your links instead of http. If you
> want, you can give both web servers the same document root. Haven't
thought
> through completely, but I suppose you could have the logon screen
Hi Harald,
Although not strictly a modssl solution, I solved this by using a
mod_perl PerlAccessHandler directive in each of my tags.
Access handlers are processed before Authen/Authz handlers so all
protected pages (those that require a login/password) are sent to the
secure sever.
Ho
The switch is by appending https to your links instead of http. If you
want, you can give both web servers the same document root. Haven't thought
through completely, but I suppose you could have the logon screen be https
explicitly, and all the other pages relative references, so once you've
sw
I'm using
RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1
but you can just specify the paths that are protected
if you don't want the entire site redirected.
Steve Luzzi
USACERL
>
> Hi,
>
> is there a possibility to switch automatically from http to https as soon
> as a password is required to