1) How to force an https login, and 2) Using multiple .htgroup files?

This is a discussion on 1) How to force an https login, and 2) Using multiple .htgroup files? within the Apache Web Server forums, part of the Web Server and Related Forums category; Hi, I have two questions: 1. I have a protected folder that requires login. I want users to go to ...


Go Back   Usenet Forums > Web Server and Related Forums > Apache Web Server

Reload this Page 1) How to force an https login, and 2) Using multiple .htgroup files?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

 

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 09-27-2004
b.w.
 
Posts: n/a
Default 1) How to force an https login, and 2) Using multiple .htgroup files?
Hi,

I have two questions:

1.
I have a protected folder that requires login. I want users to go to
that folder with https, not http. Is there a way to detect that the
user is on http before .htaccess kicks in and asks for a login? I'd
like to have it that if a user goes the http way, they'll get
redirected to https. Is that possible?

So far I have a button on the main page (http) that takes them to the
protected folder in https. But that won't do any good if users type
in the protected folder address themselves with http.

2.
Is there a way to have an .htaccess file authenticate users from more
than one .htgroup or .htpasswd file? I'd like to keep groups of users
in different .htgroup and .htpasswd files, but certain areas of the
website need to be accessible to users from several groups. Is there
a syntax to allow that? Is this just a terribly misguided idea?

Thanks very much in advance,
B.W.
  #2 (permalink)  
Old 09-27-2004
Davide Bianchi
 
Posts: n/a
Default Re: 1) How to force an https login, and 2) Using multiple .htgroup files?
On 2004-09-27, b.w. <improvisationalskills@hotmail.com> wrote:
> I have a protected folder that requires login. I want users to go to
> that folder with https, not http.

Use a Redirect in a <Directory> block to redirect all the request to
https.

> Is there a way to have an .htaccess file authenticate users from more
> than one .htgroup or .htpasswd file?

No, one group/password file.

> website need to be accessible to users from several groups.

Put those users in one 'bigger' group or switch to a more flexible
authorization way, maybe database based.

Davide

--
The hardware is the part of the computer that you an kick.
  #3 (permalink)  
Old 09-29-2004
b.w.
 
Posts: n/a
Default Re: 1) How to force an https login, and 2) Using multiple .htgroup files?
Davide Bianchi <davideyeahsure@onlyforfun.net> wrote in message news:<slrnclgglu.1ih.davideyeahsure@fogg.onlyforfu n.net>...
> On 2004-09-27, b.w. <improvisationalskills@hotmail.com> wrote:
> > I have a protected folder that requires login. I want users to go to
> > that folder with https, not http.
>
> Use a Redirect in a <Directory> block to redirect all the request to
> https.

Thanks for your reply. Would I have to do this in a <virtual host>
block on port 80 to avoid a circular reference? (I.e. wouldn't the
redirect statement try to redirect the https also?)

I would like to redirect all of the following:
http://www.domain.com/a/x to https://www.domain.com/a/x
http://www.domain.com/b/x to https://www.domain.com/b/x
http://www.domain.com/c/x to https://www.domain.com/c/x
also for example
http://www.domain.com/c/x/anthing.html to https://www.domain.com/c/x

Would the following work (assuming inside <Directory> and possible
<Virtual Host> blocks)

RedirectMatch temp (.*)/x.* https://www.domain.com$1/x


I have to email tech support to get them to update the config file and
it takes a few hours each time, so I'd rather get it right then spend
a few days debugging it with them!

Thanks a lot!
B.W.


>
> > Is there a way to have an .htaccess file authenticate users from more
> > than one .htgroup or .htpasswd file?
>
> No, one group/password file.

OK. Thanks!
  #4 (permalink)  
Old 09-29-2004
Davide Bianchi
 
Posts: n/a
Default Re: 1) How to force an https login, and 2) Using multiple .htgroup files?
On 2004-09-28, b.w. <improvisationalskills@hotmail.com> wrote:
> Davide Bianchi <davideyeahsure@onlyforfun.net> wrote in message news:<slrnclgglu.1ih.davideyeahsure@fogg.onlyforfu n.net>...
> Thanks for your reply. Would I have to do this in a <virtual host>
> block on port 80 to avoid a circular reference?

Well, of course you need it in the http part of the site and not in
the https part.

> Would the following work (assuming inside <Directory> and possible
><Virtual Host> blocks)
>
> RedirectMatch temp (.*)/x.* https://www.domain.com$1/x

....if it's already in a <Directory> block, what's the use of a
RedirectMatc? Just use Redirect / https....

> I have to email tech support to get them to update the config file and
> it takes a few hours each time,

Can't you do that in the .htaccess file? Otherwise it would be better
for you to install a "test" server and to try out things before sending
them to the tech support people.

Davide

--
All software sucks. Everybody is considered a jerk by somebody. The sun
rises, the sun sets, the Sun crashes, lusers are LARTed, BOFHs get drunk.
It is the way of things.
--Steve Conley
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:52 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0