Hi Eric, et all
this would explain the issue I am having. I am not that familiar with apache. Do you have any suggestion how I can perform the reverse proxying based on the X-auth header? or any suggestion how to use another kind of variable which will set conditionally? Including the Proxypass statement directly within the iff statement is not possible
Thanks
Chris
________________________________________
Von: Eric Covener <covener@xxxxxxxxx>
Gesendet: Mittwoch, 4. November 2015 13:56
An: users@xxxxxxxxxxxxxxxx
Betreff: Re: If statement evaluating an http header against a pattern is always true even though it should not
I think your problem is that Define is executed immediately when it's
read, at startup. It's a rare special case like e.g. Include.
It cannot be processeed per-request, which is what <if> is for. I
vaguelly recall a later discussion/patch blocking that Context for
Define.
On Wed, Nov 4, 2015 at 7:41 AM, Christian Georg <mail@xxxxxxxxxxxxxxxxx> wrote:
> Hi all,
>
>
> I am running an apache 2.4.7 on CentOS 6.7
>
> I am trying to perform request routing within a reverse proxy based on the
> x-auth header, but for some reasons the if and elseif statements are alwyas
> evalutaing to true.
>
>
>
> Here is the part from the config. This is contained in the virtual host
> section of my config file.
>
>
> # making sure that the variables do have a default value, if none of the if
> statements are during true then these values should show up
>
> Define ifLocation1 False
> Define ifLocation2 False
> Define ServerLocation Location-default
>
>
> <If "%{HTTP:x-auth} -strcmatch 'XXXXXXXX' " >
> Define ServerLocation Location-1
> Define ifLocation1 true
> </If>
> <ElseIf "%{HTTP:x-auth} =~ m#YYYYYYY#i " >
> Define ServerLocation Location-2
> Define ifLocation2 true
> </ElseIf>
>
> I am using strcmatch and =~ for testing purposes to find out which matches
> my needs. what I would actually like to achieve is a check if the token ends
> with with XXXXXXX and then move to Location-1 or with YYYYYY and move to
> Location-2. in all other cases I want to use the default location.
>
> The token we use in the x-auth header do neither contain XXXXXXXX nor
> YYYYYYY so I would expect the Server Location to be "Location-default"
> The part I do not understand is why ifLocation1 and ifLocation2 are both set
> to true and the ServerLocation contains the value of the last define
> statement, which is "Location-2"
>
> For logging of the relevant info I am using the following statement
>
> CustomLog ${APACHE_LOG_DIR}/token.log "i:%{x-auth}i o:%{x-auth}o
> decision:${ServerLocation} Statement1:${ifLocation1}
> Statement2:${ifLocation2}
>
> For requests that do not contain a token or x-auth header I am getting
> i:- o:- decision:Location-2 Statement1:true Statement2:true
>
> For requests with a token I am getting pretty much the same, jsut with a
> token included
>
> i:itwefq9od2j9r2a0f9tz03djkattwerawg_fddsdwra_wrqs o:- decision:Location-2
> Statement1:true Statement2:true
>
> I am currently running out of ideas on what I am doing wrong and why the if
> statements always evaluate to true. Any help is appreciated
>
> Thanks
>
> Chris
>
>
>
--
Eric Covener
covener@xxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|