[users@httpd] Authenticating All Requests Via A Subdomain Using Mod_Rewrite

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am configuring a security sub system for my website on Apache 2.0.46 / Red Hat Linux.  I will attempt to provide as much information as possible about this so that with some assistance from you wonderful people I can arrive at a solution that will atleast leave me with some hair :-) I have googled on the topic 'Processing HTTP requests via a subdomain', however I have no recieved any information of real use to me.

T want to configure my domain www.constructingreality.com to forward all incoming requests to a subdomain called checkpoint.constructingreality.com.  On this subdomain I am performing various security checks (is the users ip banned? Is the section of the site that they want down for maintainence? Are they allowed to have the file they asked for? etc).  The reason why I am doing this is because I want something a little more robust than what Apache currently provides facilities for. Once checkpoint.constructingreality.com is done with its work, the cgi-script handing all the functionality of that subdomain issues a redirect back into www.constructingreality.com which contains the uri of the originally requested file.  The problem I am running into is that once the return request reaches www.constructingreality.com, it's been seen as a totally new request and being immediately bounced back to checkpoint.constructingreality.com thus locking the request into and endless loop until mod_rewrite hits it's internal redirection limit.  This is not a desired behavior.  The flow of events that I need to occur is this (please excuse the crudeness of the following diagram:
 
1) user request -> www.constructingreality.com [initial user request]
2) www.constructingreality.com -> checkpoint.constructingreality.com [passing request to checkpoint]
3) run security checks on checkpoint.constructingreality.com [run checks and return if all passed ]
4) checkpoint.constructingreality.com -> www.constructingreality.com [pass request back to primary domain]
5) www.constructingreality.com -> user [here's your file]
 
Definition of subdomains under my account is done by creating a subdirectory under '/var/www/html/constructingre/' which is my web visible root for both constructingreality.com and www.constructingreality.com.  So in order to have checkpoint.constructingreality.com visible as a subdomain of my account, I need to create the path '/var/www/html/constructingre/checkpoint.constructingreality.com' and place all files for the subdomain in that location.  I have done this without difficulty.
Due to the nature of my hosting setup with MediaTemple (http://www.mediatemple.com) I am required to place an .htaccess in both my main directory ( where constructingreality.com and www.constructingreality.com resolve to ) as well as another .htaccess in the root of checkpoint.constructingreality.com.  The content of my .htaccess files is as follows:
----------------------
[.htaccess -- web root]
----------------------
AddHandler cgi-script .cgi
Options +ExecCGI +FollowSymLinks +Includes
RewriteEngine On
RewriteCond %{HTTP_HOST}    !^www.constructingreality.com [NC]
RewriteRule ^/(.*)  http://www.constructingreality.com/$1 [L,R]
RewriteRule ^/(.*)  http://checkpoint.constructingreality.com/index.cgi?uri=$1 [L,R]
-------------------------
[.htaccess -- Checkpoint]
-------------------------
RewriteEngine Off
 
 
I am at a total loss as for what I need to do to break this redirection loop.  my script on checkpoint.constructingreality.com redirects using the format http://www.constructingreality.com/$uri where $uri is the request uri of the original request.  Any help that you could provide in solving this issue would be wonderful.


Find e-mail and documents on your PC instantly with the new MSN Search Toolbar?FREE! --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux