On Tue, Oct 27, 2009 at 7:37 AM, J. Bakshi <[email protected]> wrote:
> Hello list,
>
> I have finally able to redirect the viewvc ( svn viewer ) to https. here
> is the configuration
>
> ``````````````````````````````
> ScriptAlias /test /usr/lib/cgi-bin/viewvc.cgi
>
> <Location /test>
> RewriteEngine on
> RewriteCond %{HTTPS} off
> RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
>
> AuthType Basic
> AuthName "requires a password"
> AuthUserFile /home/svn/PASSWD
> Require valid-user
> </Location>
> ```````````````````````````````````````````
>
> This is working fine for both internet and intranet. But I have found
> it first check the authorization through http connection and after
> getting the right password it redirects to https version. Can I
> redirect to http before authentication ?
A couple of notes:
- Using <Location> to protect a resource on the local filesystem is a
absolutely bad idea. Your script might be accessible via another URL.
- Your rewrite rule does indeed do the correct redirection, but will
only do this after authentication. This because that is how you've
configured it. You've told your server to require authentication from
anyone accessing /test and this your server does. Authentication
happens very early in request processing, before rewriting.
A better way:
ScriptAlias /test /usr/lib/cgi-bin/viewvc.cgi
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule /test.* https://%{HTTP_HOST}%{REQUEST_URI} [R]
<Directory /usr/lib/cgi-bin/ >
<Files viewvc.cgi>
SSLRequireSSL
AuthType Basic
AuthName "requires a password"
AuthUserFile /home/svn/PASSWD
Require valid-user
</Files>
</Directory>
HTH,
Krist
--
[email protected]
[email protected]
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
