Re: [users@httpd] user authentication and redirect to directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- Original Message ----- 
From: "Joshua Slive" <jslive@xxxxxxxxx>
To: <users@xxxxxxxxxxxxxxxx>
Sent: Tuesday, March 15, 2005 4:30 PM
Subject: Re: [users@httpd] user authentication and redirect to directory


> On Tue, 15 Mar 2005 15:09:23 +0200, Claudiu Sebe <csebe@xxxxx> wrote:
> > Hello all,
> >
> > Here is the story:
> >
> > In a certain directory, users authenticate through mod_auth user/pass
> > mecanism like:
> >     ####
> >     <Directory /var/www/localhost/protected>
> >     Options +FollowSymLinks +Indexes
> >     AuthName "Client Login"
> >     AuthType Basic
> >     AuthUserFile /var/www/passes/.htpass
> >     Require valid-user
> >     ####
> >
> > The /protected directory looks like:
> >     /protected
> >         /user1
> >         /user2
> >     ...
> >
> > After authentication I need to redirect the user to their directory
based on
> > the login name, so in the same <Directory...> directive, I put:
> >     ####
> >     RewriteEngine on
> >     RewriteRule ^$ /protected/%{REMOTE_USER}/$1 [L,R]
> >     ####
> >
> > Till here works ok. But I'd like to avoid that users knowing the full
path
> > to other users' directory, being able to enter there.
>
> > IMHO what I need can't be done only with mod rewrite. Can anyone show me
> > wrong 8-) ?
>
> I think there is something you aren't telling us, since your above
> RewriteRule should create an infinite loop (it will hit again on the
> request to /protected/%{REMOTE_USER}).  And in addition, the $1
> doesn't match anything.

Nope, it's nothing missing and no infinite loop is created. We are in a
per-directory context and "^$" matches only the first time; the next time
there is no empty string.
As for the $1, it is a leftover from a previous attempt. However, if there
is no paranthesised (...) match in the pattern, $1 is empty, so really
doesn't matter.


[snip]
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux