apache:重写前的基本身份验证 [英] apache: basic authentication before rewrite

问题描述

我在前端有一个 Apache，它应该通过 RewriteRule 重定向请求.

I have an Apache in frontend that should redirect a request via a RewriteRule.

我必须在请求重定向之前进行基本身份验证，因此我将其放入配置文件中:

I have to put a basic authentication before the request is redirected, so I put this in the config file:

<VirtualHost *:443>
    ServerAdmin xxxxxx
    DocumentRoot /var/www/html/
    ServerName xxxxxxx
    RewriteEngine on
    ErrorLog logs/error.log
    CustomLog logs/access_log common

    <Directory /var/www/html/>
        AuthType Basic
        AuthName "Restricted Files"
        AuthUserFile /etc/httpd/conf/tag.pwd
        Require valid-user
        RewriteRule ^/(.*) http://xxxxxx:xxx/$1   [P,L]
    </Directory>
</VirtualHost>

但它不起作用.

有什么建议吗?

更新:我希望身份验证后的所有请求都将使用 RewriteRule ^/(.*) xxxxxx:xxx/$1 [P,L] 规则重定向但这不会发生.Apache 在 /var/www/html

UPDATE: I would expect that all requests after authentication would be redirected with the rule RewriteRule ^/(.*) xxxxxx:xxx/$1 [P,L] but this doesn't happen. Apache search the page under /var/www/html

推荐答案

我解决了将重写条件和重写规则放在 Locatio 指令之外的问题:

I solved putting the rewrite condition and rewrite rule outside the Locatio directive:

<Location />
  AuthType Basic
  AuthName "Restricted Files"
  AuthUserFile /etc/httpd/conf/tag.pwd
  Require valid-user
</Location>
RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule ^/(.*) http://xxxxxx:xxx/$1   [P,L]

非常感谢 h0tw1r3 的建议

many thanks to h0tw1r3 for the suggestion

*请记住，Location 指令作用于 URL，而不是目录.这意味着如果有人为文档根创建别名，他们将完全绕过这些身份验证规则.(参见 http://httpd.apache.org/docs/2.0/mod/core.html#location 了解更多.)

*Keep in mind that Location directives operate on URLs, and not directories. That means that if someone creates an alias to the document root, they'll completely bypass these authentication rules. (See http://httpd.apache.org/docs/2.0/mod/core.html#location for more.)

这篇关于apache:重写前的基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！