On 12/19/05, Diana Shepard <Diana.Shepard@xxxxxxxxx> wrote:
>
>
> I am running Apache 2.0.53 on Sun Solaris 9.
>
> I am trying to force the use of https for a particular web site.
> I've done:
>
>
> <VirtualHost *:80>
> ServerName www.somewhere.com
> RewriteEngine On
> RewriteCond %{REQUEST_URI} /somestring/
> RewriteRule ^(.*)$ https://www.somewhere.com/$1
> </VirtualHost>
>
> The problem is that the user must first be authenticated against an ldap
> and that password authentication happens before the redirect;
> defeats the whole purpose. The purpose is to encrypt the login to the ldap.
>
> Any suggestions?
Scope the login directives inside the <VirtualHost :443> section.
Joshua.
|