httpd-users mailing list archives

From Ben Johnson <...@indietorrent.org>
Subject Re: [users@httpd] Forcing SSL while redirecting with query string intact, preventing "double-login problem" and preventing plaintext authentication
Date Thu, 27 Sep 2012 16:06:33 GMT


On 9/27/2012 11:55 AM, Yehuda Katz wrote:
> We use mod_rewrite (non-relevant config removed):
> 
> <VirtualHost *:80>
> <Directory /var/www/admin>
>         RewriteEngine On
>         RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
> </Directory>
> </VirtualHost>
> <VirtualHost _default_:443>
>         AddExternalAuth pwauth /usr/sbin/pwauth
>         SetExternalAuthMethod pwauth pipe
> 
>         <Directory /var/www/admin/>
>                 AuthBasicProvider external
>                 AuthExternal pwauth
> 
>                 AuthType Basic
>                 AuthName "Admin"
> 
>                 AuthzUnixgroup on
>                 Require group sudo
>         </Directory>
> </VirtualHost>
> 
> - Y
> 

Thank you very much for the response, Yehuda. That is an elegant
solution, and one that I had considered.

The only reason I avoided it is that I'm using ISPConfig, which
automatically writes the exact same set of directives to both blocks (80
and 443) within the virtual host configuration. While convenient, this
makes it a challenge to implement anything like the above.

Maybe I'll submit a feature request to ISPConfig: provide a second,
separate text area input for Apache configuration directives when SSL is
enabled.

Thanks again!

-Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
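
A check for the two properties this thread is after (the port-80 answer is a redirect to HTTPS with the query string intact, and no Basic challenge is ever issued over plain HTTP), as an added example that is not part of the original messages. The function names, the host `admin.example.test` and the sample responses are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit

REDIRECTS = (301, 302, 303, 307, 308)

def check_plain_http_response(request_url, status, headers):
    """Return the problems in a server's answer to a plain-HTTP request."""
    req = urlsplit(request_url)
    hdrs = {k.lower(): v for k, v in headers.items()}
    problems = []
    # A 401 on port 80 invites the browser to send Basic credentials in clear.
    if status == 401 or "www-authenticate" in hdrs:
        problems.append("auth challenge sent over plain HTTP")
    if status not in REDIRECTS:
        problems.append(f"expected a redirect, got {status}")
        return problems
    loc = urlsplit(hdrs.get("location", ""))
    if loc.scheme != "https":
        problems.append("redirect target is not https")
    if loc.hostname != req.hostname:
        problems.append("redirect changes the host")
    if (loc.path or "/") != (req.path or "/"):
        problems.append("redirect changes the path")
    if loc.query != req.query:
        problems.append("query string not preserved")
    return problems

def probe(request_url, timeout=5):
    """Send one GET over plain HTTP (redirects are not followed) and check it."""
    u = urlsplit(request_url)
    conn = http.client.HTTPConnection(u.hostname, u.port or 80, timeout=timeout)
    try:
        conn.request("GET", (u.path or "/") + ("?" + u.query if u.query else ""))
        resp = conn.getresponse()
        return check_plain_http_response(request_url, resp.status, dict(resp.getheaders()))
    finally:
        conn.close()

# Constructed sample responses (not captured from a real server).
URL = "http://admin.example.test/admin/index.php?page=users&id=7"
SAMPLES = {
    "redirect_ok": (302, {"Location": "https://admin.example.test/admin/index.php?page=users&id=7"}),
    "challenge_on_80": (401, {"WWW-Authenticate": 'Basic realm="Admin"'}),
    "query_dropped": (302, {"Location": "https://admin.example.test/admin/index.php"}),
}

if __name__ == "__main__":
    for name, (status, headers) in SAMPLES.items():
        print(name, check_plain_http_response(URL, status, headers) or "OK")
```

Calling `probe()` with an `http://` URL on your own server runs the same checks against its live port-80 response.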

