On 12/19/05, Diana Shepard <Diana.Shepard@xxxxxxxxx> wrote: > > > I am running Apache 2.0.53 on Sun Solaris 9. > > I am trying to force the use of https for a particular web site. > I've done: > > > <VirtualHost *:80> > ServerName www.somewhere.com > RewriteEngine On > RewriteCond %{REQUEST_URI} /somestring/ > RewriteRule ^(.*)$ https://www.somewhere.com/$1 > </VirtualHost> > > The problem is that the user must first be authenticated against an ldap > and that password authentication happens before the redirect; > defeats the whole purpose. The purpose is to encrypt the login to the ldap. > > Any suggestions? Scope the login directives inside the <VirtualHost :443> section. Joshua.