On 03/03/2014 05:40 PM, Keith Lawson wrote:
Hello,
# Redirect to pass through authentication if internal
#
RewriteCond %{REMOTE_ADDR} ^10\..*$
RewriteCond %{LA-U:REMOTE_USER} !(.+)
RewriteRule ^/kltest/env$ https://sso.lhsc.on.ca/signauto/in [NS]
# Redirect to manual authentication if external
#
RewriteCond %{LA-U:REMOTE_USER} !(.+)
RewriteCond %{REMOTE_ADDR} !^10\..*$
RewriteRule ^/kltest/env$ https://sso.lhsc.on.ca/sign/in [NS]
"Site::SSO" is our in house Apache2::AuthCookie auth handler, the
ticket for this is set once you authenticate to one of the pages on
"sso.lhsc.on.ca" and "REMOTE_USER" is set if I remove the rewrite
rules but mod_rewrite never sees anything in "REMOTE_USER". What am I
missing?
I suspect that you might be able to do the same thing with
ErrorDocument 403 https://sso.lhsc.on.ca/signauto/in
and avoid the convolutions of mod_rewrite here. Assuming your in-house
mod_perl auth handler returns a 403 on auth failure.
--Rich
--
Rich Bowen - rbo...@rcbowen.com - @rbowen
http://apachecon.com/ - @apachecon
