httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dukkefup Mun" <dukkefup...@hotmail.com>
Subject [users@httpd] Authenticating All Requests Via A Subdomain Using Mod_Rewrite
Date Wed, 20 Jul 2005 16:47:14 GMT
<html><div style='background-color:'><DIV class=RTE>I am configuring a security
sub system for my website on Apache 2.0.46 / Red Hat Linux.&nbsp; I will attempt to provide
as much information as possible about this so that with some assistance from you wonderful
people I can arrive at a solution that will atleast leave me with some hair :-) I have googled
on the topic 'Processing HTTP requests via a subdomain', however I have no recieved any information
of real use to me. </DIV>
<DIV class=RTE><BR>T want to configure my domain <A href="http://www.constructingreality.com">www.constructingreality.com</A>
to forward all incoming requests to a subdomain called checkpoint.constructingreality.com.&nbsp;
On this subdomain I am performing various security checks (is the users ip banned? Is the
section of the site that they want down for maintainence? Are they allowed to have the file
they asked for? etc).&nbsp; The reason why I am doing this is because I want something
a little more robust than what Apache currently provides facilities for. Once checkpoint.constructingreality.com
is done with its work, the cgi-script handing all the functionality of that subdomain issues
a redirect back into <A href="http://www.constructingreality.com">www.constructingreality.com</A>
which contains the uri of the originally requested file.&nbsp; The problem I am running
into is that 
once the return request reaches <A href="http://www.constructingreality.com">www.constructingreality.com</A>,
it's been seen as a totally new request and being immediately bounced back to checkpoint.constructingreality.com
thus locking the request into and endless loop until mod_rewrite hits it's internal redirection
limit.&nbsp; This is not a desired behavior.&nbsp; The flow of events that I need
to occur is this (please excuse the crudeness of the following diagram:</DIV>
<DIV class=RTE>&nbsp;</DIV>
<DIV class=RTE>1) user request -&gt; <A href="http://www.constructingreality.com">www.constructingreality.com</A>
[initial user request]<BR>2) <A href="http://www.constructingreality.com">www.constructingreality.com</A>
-&gt; checkpoint.constructingreality.com [passing request to checkpoint]<BR>3) run
security checks on checkpoint.constructingreality.com [run checks and return if all passed
]<BR>4) checkpoint.constructingreality.com -&gt; <A href="http://www.constructingreality.com">www.constructingreality.com</A>
[pass request back to primary domain]<BR>5) <A href="http://www.constructingreality.com">www.constructingreality.com</A>
-&gt; user [here's your file]</DIV>
<DIV class=RTE>&nbsp;</DIV>
<DIV class=RTE>Definition of subdomains under my account is done by creating a subdirectory
under '/var/www/html/constructingre/' which is my web visible root for both constructingreality.com
and <A href="http://www.constructingreality.com">www.constructingreality.com</A>.&nbsp;
So in order to have checkpoint.constructingreality.com visible as a subdomain of my account,
I need to create the path '/var/www/html/constructingre/checkpoint.constructingreality.com'
and place all files for the subdomain in that location.&nbsp; I have done this without
difficulty.</DIV>
<DIV class=RTE>Due to the nature of my hosting setup with MediaTemple (<A href="http://www.mediatemple.com">http://www.mediatemple.com</A>)
I am required to place an .htaccess in both my main directory ( where constructingreality.com
and <A href="http://www.constructingreality.com">www.constructingreality.com</A>
resolve to ) as well as another .htaccess in the root of checkpoint.constructingreality.com.&nbsp;
The content of my .htaccess files is as follows:</DIV>
<DIV class=RTE>----------------------<BR>[.htaccess -- web root]<BR>----------------------</DIV>
<DIV class=RTE>AddHandler cgi-script .cgi<BR>Options +ExecCGI +FollowSymLinks
+Includes</DIV>
<DIV class=RTE>RewriteEngine On<BR>RewriteCond %{HTTP_HOST}&nbsp;&nbsp;
&nbsp;!^www.constructingreality.com [NC]<BR>RewriteRule ^/(.*)&nbsp;&nbsp;<A
href="http://www.constructingreality.com/$1">http://www.constructingreality.com/$1</A>
[L,R]<BR>RewriteRule ^/(.*)&nbsp;&nbsp;<A href="http://checkpoint.constructingreality.com/index.cgi?uri=$1">http://checkpoint.constructingreality.com/index.cgi?uri=$1</A>
[L,R]</DIV>
<DIV class=RTE>-------------------------<BR>[.htaccess -- Checkpoint]<BR>-------------------------</DIV>
<DIV class=RTE>RewriteEngine Off</DIV>
<DIV class=RTE>&nbsp;</DIV>
<DIV class=RTE>&nbsp;</DIV>
<DIV class=RTE>I am at a total loss as for what I need to do to break this redirection
loop.&nbsp; my script on checkpoint.constructingreality.com redirects using the format
<A href="http://www.constructingreality.com/$uri">http://www.constructingreality.com/$uri</A>
where $uri is the request uri of the original request.&nbsp; Any help that you could provide
in solving this issue would be wonderful. </DIV></div><br clear=all><hr>
<a href="http://g.msn.com/8HMAENUS/2737??PS=47575" target="_top">Find e-mail and documents
on your PC instantly with the new MSN Search Toolbar–FREE!</a> </html>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message