Apache: Forcing SSL and Authentication

Topher Fischer javert42 at cs.byu.edu
Tue Feb 13 16:13:48 MST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Torrie wrote:
> On Tue, 2007-02-13 at 15:59 -0700, Topher Fischer wrote:
> I'm trying to configure a webserver to redirect clients to use only
> secure http when trying to access a certain directory.  I also want them
> to authenticate using AuthType Basic.  In a perfect world, I'd be able
> to do all this with a simple .htaccess file in the directory that I want
> to protect.  The closet I've been able to come produces the following
> results:
> 
> I connect to the normal http server, it then prompts me to enter in a
> username and password.  After I authenticate myself over http, it
> connects to the https server and prompts me to authenticate myself once
> again.
> 
> I'm hopeful that this can be fixed.  Any ideas?
> 
>> Maybe don't use an .htaccess.  Rather, create a <Directory> entry in the
>> apache conf file under the correct, non-ssl vhost that does a redirect
>> to the same url under the https url.  Then under the ssl vhost, add a
>> <Directory> entry there that contains all the contents of the .htaccess
>> file.  Now you'll be able to hit the unsecured url, be 302'd to the
>> secure one, which will require a login.
> 
>> Michael
> 

I'm not using a vhost.  I'm just running the page at
http://machine/dir/.  Can I make the necessary changes just within a
block like this:
<Directory /dir/>
	rewrite rules
</Directory>

I've played around with different settings, but nothing works yet.

As far as I know, vhosts work with different host names, so I couldn't
use a vhost configuration with this setup.  Is that correct?

- --
Topher Fischer
GnuPG Fingerprint: 3597 1B8D C7A5 C5AF 2E19  EFF5 2FC3 BE99 D123 6674
javert42 at cs.byu.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFF0kYsL8O+mdEjZnQRAvtmAJ9Uz/K+7Sp5H/NzdEd1eeY5T5bAIACeK1XQ
aGajn//beqhHw1/mY5r9o/Y=
=Xix9
-----END PGP SIGNATURE-----



More information about the PLUG mailing list