Noel Stratton wrote:
> Good Morning,
>
> I currently have an internal website. I am now required to let users
> access the site outside of internal network. I have got it working so
> that it will require authentication to an active directory domain when
> the user is outside of my network. However, I now to make it where if
> the user is inside the domain the page comes up in http. When the user
> is outside of the network it will make the pages come up in https. Also
> authentication should be in https. Here is my .htaccess file:
>
> order deny,allow
> deny from all
> allow from 10.13.1.
> allow from 10.13.2.
> allow from 10.13.3.
> allow from 10.13.4.
> satisfy any
> AuthName "Members 1st Credit Union Employees Only"
> AuthType Kerberos
> Krb5Keytab /etc/auth_kerb.keytab
> KrbAuthRealm MEMBERSONLINE.LOCAL
> KrbMethodNegotiate off
> KrbSaveCredentials off
> KrbVerifyKDC off
> Require valid-user
>
> I was working with the Mod_Rewrite stuff and got it to send it to https,
> but it did internally and externally.
Untested:
RewriteCond %{REMOTE_HOST} !10\.13\.[1-4]\.[0-9]+
RewriteRule (.*) https://your.host/path/to/$1 [R]
Furthermore, if you want to deny all, except for a few addresses, it's
safer to use 'Order allow,deny', and use only the allow lines, since then
the default action is 'deny'.
Joost
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|