Help on creating proxy/rewrite rules based on SSL authentication


 



Hi,

I have Apache asking for x509 client certificates. I am trying to proxypass the original request to multiple locations based on the result of the client authentication.

If successfully authenticated, proxypass to authserver
If not, proxypass to noauthserver

I've tried a lot of configurations but none works. Sometimes I have recursion problems, in other configurations I get 404 errors. Help!

For example, the example below gives 404 errors and never gets redirected to any server.
I had to create the /var/www/html/auth and /var/www/html/noauth folders but I would prefer not to create anything here if possible at all.

Can you propose a solution?

Thanks
Luis

NSSVerifyClient optional

RewriteEngine on
RewriteLog "/var/log/httpd/rewrite.log"
RewriteLogLevel 9

RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS
RewriteRule          ^(.*)$ /noauth$1   [L]
RewriteCond %{SSL:SSL_CLIENT_VERIFY} =SUCCESS
RewriteRule          ^(.*)$ /auth$1 [L]

<Location /noauth>
     ProxyPass          http://noauthserver/
     ProxyPassReverse   http://noauthserver/
</Location>

<Location /auth>
     NSSVerifyClient require

     RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
     RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
     RequestHeader set SSL_CLIENT_S_DN_O "%{SSL_CLIENT_S_DN_O}s"
     RequestHeader set SSL_CLIENT_VERIFY "%{SSL_CLIENT_VERIFY}s"

     ProxyPass          http://authserver/
     ProxyPassReverse   http://authserver/

</Location>
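
One way to get the routing described in the post above without the intermediate /auth and /noauth paths, as an added example that is not part of the original message: mod_rewrite's [P] flag hands the request to mod_proxy directly. It assumes virtual-host context, that mod_proxy, mod_proxy_http and mod_headers are loaded, and that mod_nss exposes SSL_CLIENT_VERIFY through %{SSL:...} as the poster's rules already rely on; authserver and noauthserver are the poster's host names.

```apache
# Added example (not the poster's configuration).
# Place in the SSL virtual host, outside any <Location> or <Directory>.

# Ask for a certificate during the handshake but do not require one,
# so unauthenticated clients still reach the server.
NSSVerifyClient optional

RewriteEngine on

# Client presented a certificate that verified: proxy to the
# authenticated backend. [P] proxies the request, [L] stops processing.
RewriteCond %{SSL:SSL_CLIENT_VERIFY} =SUCCESS
RewriteRule ^/(.*)$ http://authserver/$1 [P,L]

# Any other verification result (no certificate, failed verification):
# proxy to the unauthenticated backend.
RewriteRule ^/(.*)$ http://noauthserver/$1 [P,L]

# Map Location headers in backend redirects back onto this host.
ProxyPassReverse / http://authserver/
ProxyPassReverse / http://noauthserver/

# "set" replaces any header of the same name sent by the client, so
# these are applied on BOTH routes. If they were set only on the
# authenticated route, a client without a certificate could send its
# own SSL_CLIENT_* headers through to noauthserver unchanged.
RequestHeader set SSL_CLIENT_S_DN   "%{SSL_CLIENT_S_DN}s"
RequestHeader set SSL_CLIENT_I_DN   "%{SSL_CLIENT_I_DN}s"
RequestHeader set SSL_CLIENT_S_DN_O "%{SSL_CLIENT_S_DN_O}s"
RequestHeader set SSL_CLIENT_VERIFY "%{SSL_CLIENT_VERIFY}s"
```

The backends should accept the SSL_CLIENT_* headers only from this proxy and should treat the subject fields as meaningful only when SSL_CLIENT_VERIFY is SUCCESS.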

