I did this using a <Directory> directive--you can put your LDAP auth stuff there and apply it to the top-level file system directory of your application. Users won't be able to bypass that. (I'm assuming that you're currently using a <Location> directive and that your entire application lives in a single directory structure.)
This will generally work for what you want to do--you didn't provide enough information in your post to provide a response specific to your situation. ~ Tom (Sent from my mobile.) On Oct 17, 2011, at 8:14, Kalimuthu Samayan <ksama...@googlemail.com> wrote: > Hi, > > I have used Apache httpd directives to configure the authenticating the users > against LDAP database using httpd modules, mod_authz_ldap and mod_ldap. The > authentication looks ok, but not able to find any specific directives or way > to stop users bypassing web server login and try hitting application URL > (application server) directly. > > Any help on redirecting to login on web server if any one tries to access the > application directly in application server? > > -- > Regards, > Muthu > Mobile: 0044+(0)782 122 7480