httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vad...@gmail.com
Subject Re: [users@httpd] Bypass Authn
Date Wed, 23 Sep 2020 20:23:02 GMT
On Wed, Sep 23, 2020 at 4:15 PM Eric Covener <covener@gmail.com> wrote:

> On Wed, Sep 23, 2020 at 4:11 PM <vadud3@gmail.com> wrote:
> >
> > Hi All,
> >
> > I am using this config and I am not able to connect to /mydir/noauth
> without authentication.
> >
> > ProxyPass /mydir http://example.org/mydir
> > ProxyPassReverse /mydir https://example.org/mydir
> >
> > <Location /mydir/noauth>
> >        Require all granted
> > </Location>
> >
> > <Location /mydir>
> >        Order allow,deny
> >        Allow from all
> >        AuthType Shibboleth
> >        Header set X-Forwarded-Proto "https"
> >        ShibUseHeaders On
> >        ShibRequestSetting requireSession true
> >       <RequireAny>
> >               Require shib-attr AuthType "standard, x509, securePlus2,
> securePlus3"
> >               Require shit-attr AppAuth true
> >         </RequireAny>
> > </Location>
> >
> > I am getting 302 when hitting http://mysite.org/mydir/noauth
>
> Location blocks are processed in the order they appear, not the
> hierarchical order.  Try flipping the order.
>
>
I did and restarted.

Still getting 302



> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Mime
View raw message