> -----Original Message----- > From: Brice Figureau [mailto:brice+apache@xxxxxxxxxxxxxxxx] > Sent: Samstag, 26. Februar 2005 12:53 > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] How to rewrite URL to trigger authentication ? > > > Hi, > > I want to trigger an HTTP authentication based on some value of the > param 'page' of the query string: > > http://myhost/index.php?page=stats¶m1=xxx > should trigger an authentication and upon success, should let access. > > and > http://myhost/index.php?page=goahead¶m1=xxx > should be accessible directly. > > My idea was the following: > 1) create a protected directory which is guarded with an AuthUserFile > 2) Rewrite (redirect in fact) if REMOTE_USER is empty and page matches > stats to /protected/index.php > 3) the authentication dialog should pop-up > 4) then rewrite /protected/index.php back to /index.php OK - but now the URL is outside the authentication realm so the browser sends the request without credentials, so it triggers the rewrite and you go round the loop again. And again. And againnnnnn..... I don't think you can do this the way you want without using session-handling (ie, cookies) which is beyond the scope of mod_auth. A workaround would be to symlink /protected/index.php back to /index.php so that when you hit the authenticated directory you really do execute /protected/index.php (then you just drop all the rewrite rules from the directory container). Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > and continue > processing. > > Unfortunately this does not work as I thought, here is the > configuration: > > RewriteEngine On > RewriteCond %{LA-U:REMOTE_USER} ^$ > RewriteCond %{QUERY_STRING} page=(stats|protectedpage) > RewriteRule ^/index.php /protected/index.php [QSA,R] > > <Directory /var/www/protected> > AuthType Basic > AuthName "Protected Area" > AuthUserFile /etc/apache2/passwords > require valid-user > > RewriteEngine On > RewriteCond %{REMOTE_USER} !^$ > RewriteRule .* /index.php [QSA,L] > > RewriteCond %{REMOTE_USER} ^$ > RewriteRule .* - [F] > </Directory> > > The first rewriteRule works, it redirects to the protected area, my > browser asks for authentication. > Then there is a redirect loop. > > Careful inspection of the rewrite log (I can provide it if you want) > does not show where is my mistake. > > What's wrong with this configuration ? > > Thanks for your help. > > -- > Brice Figureau <brice+apache@xxxxxxxxxxxxxxxx> > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx