On 9/27/2012 11:55 AM, Yehuda Katz wrote:
> We use mod_rewrite (non-relevant config removed):
>
> <VirtualHost *:80>
> <Directory /var/www/admin>
> RewriteEngine On
> RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
> </Directory>
> </VirtualHost>
> <VirtualHost _default_:443>
> AddExternalAuth pwauth /usr/sbin/pwauth
> SetExternalAuthMethod pwauth pipe
>
> <Directory /var/www/admin/>
> AuthBasicProvider external
> AuthExternal pwauth
>
> AuthType Basic
> AuthName "Admin"
>
> AuthzUnixgroup on
> Require group sudo
> </Directory>
> </VirtualHost>
>
> - Y
>
Thank you very much for the response, Yehuda. That is an elegant
solution, and one that I had considered.
The only reason I avoided it is that I'm using ISPConfig, which
automatically writes the exact same set of directives to both blocks (80
and 443) within the virtual host configuration. While convenient, this
makes it a challenge to implement anything like the above.
Maybe I'll submit a feature request to ISPConfig: provide a second,
separate text area input for Apache configuration directives when SSL is
enabled.
Thanks again!
-Ben
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|