Excuse me for my ignorance on Apache up front and sorry if this email is duplicated....
Here Is my situation (hopefully Im explaining it correctly). We have an apache 2 server, using AuthLDAP for htaccess user/pass. I am trying to set it up so that if a user goes to a page which requires authentication that that htaccess login is forced to to HTTPS/SSL so it=B9s not clear text. For example.(folder names are not specific, examples only) http://Www.mydomain.com/secure This page requires LDAP auth but since the user didn=B9t type HTTPS its clear text. How can I force Apache to say OK, this isnt HTTPS, redirect to HTTPS and then pop the login box and its not clear text? I have tried all of these below * RewriteCond %{SERVER_PORT} !^443$ RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] This pops the login box but only after it shows the content of the page first. =B3hello world=B2 * SSLOptions +StrictRequire SSLRequireSSL SSLRequire %{HTTP_HOST} eq "mydomain.com" This fails to load any page if the user doesn=B9t explicitly type HTTPS in browser. So what I=B9m looking to do is say: User types in http://www.mydomain.com/secure Apache says OK, that folder requires AUTH, lets first go to HTTPS, require LDAP login then show the page. Hope this makes sense. Regards, Tony
