发表新帖
发表新帖

apache: basic authentication before rewrite

后端 未结
关注
4 835
花落未央
花落未央 2020-12-17 21:46

I have an Apache in frontend that should redirect a request via a RewriteRule.

I have to put a basic authentication before the request is redirected, so

4条回答
  • 一生所求
    一生所求 (楼主)
    2020-12-17 22:21

    In general, Apache does the rewrite phase before the authorization phase, which is why your code performs the rewrite without ever asking for user to authenticate.

    You can get around this with the LA-U:REMOTE_USER variable. Preface your RewriteRule with a condition which looks ahead ("LA") to the authorization phase:

    RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule ^/(.*) http://xxxxxx:xxx/$1 [L]

    See notes about this in http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond

    As other posters point out, it's also better to take the RewriteRule directives out of the block so they are more reliable.

    0 讨论(0)
 看不清?
提交回复
热议问题