Mailing List Archive

Apache Form based authenication - how to redirect to orginial url instead of dologin page
Hi,

I am using the form based authentication to authenticate different applications are reverse proxied to their destination host and all applications are authorized by same credentials using sign-on feature.

For example:
https://www.example.com/Application1
https://www.example.com/Application2/{uri_parameter1}/{uri_parameter2}/<https://www.example.com/Application2/%7buri_parameter1%7d/%7buri_parameter2%7d/>
https://www.example.com/Application3?param1={paramvalue1}
and so on


I successfully achieve the login and logout functionality using Apache Form based authentication. But I have a small problem in that current solution

For example: When I provide the invalid credentials for https://www.example.com/Application1
, the url get errored out with 401 unauthorized in http://localhost:8080/login/login.html?req=/dologin/?. But I need to redirect the url to https://www.example.com/login/login.html?req=/Application1<https://www.example.com/Application1>? instead of http://localhost:8080/login/login.html?req=/login/dologin/?. By the way, users will get chance to re-enter their credentials

Your help will be much appreciable!

Some codes sample, which I used to achieve form based authenciation:

<Directory />
#LogMessage "mainDirectory"
Options FollowSymLinks
AllowOverride None
AuthFormProvider file
AuthType form
AuthName "TEST"
AuthUserFile /opt/user/passwords
Require valid-user
AuthFormLoginRequiredLocation /login/login.html?req=%{REQUEST_URI}?%{QUERY_STRING}
AuthFormFakeBasicAuth On
Session On
SessionCookieName session path=/;secure;
SessionCryptoPassphrase secret
</Directory>

<Location /logout>
AuthFormLogoutLocation /logout/logout.html
SessionMaxAge 1
RequestHeader unset Cookie
</Location>

<Location /login>
Require all granted
</Location>

<Location /dologin>
SetEnvIf Referer ^.*req=(.*)&?$ req=$1
AuthFormLoginSuccessLocation %{ENV:req}
</Location>

<Proxy *>
AuthType form
AuthName "TEST"
AuthUserFile /opt/user/passwords
AuthFormLoginRequiredLocation /login/login.html?req=%{REQUEST_URI}?%{QUERY_STRING}
AuthFormFakeBasicAuth On
Session On
SessionCookieName session path=/;secure;
#SessionExpiryUpdateInterval 1
SessionCryptoPassphrase secret
Require valid-user
</Proxy>


Include /opt/proxy/sites/common/conf/application1.conf
Include /opt/proxy/sites/common/conf/ application2.conf
Include /opt/proxy/sites/common/conf/ application3.conf


Regards,
Sathish Vijayan

Det h?r e-postmeddelandet kan inneh?lla personuppgifter om dig som s?ndare eller mottagare samt om andra personer. Information om hur vi p? Tre behandlar personuppgifter finns att l?sa p? www.tre.se/gdpr.
RE: Apache Form based authenication - how to redirect to orginial url instead of dologin page [ In reply to ]
++ Just updated with correct url from previous mail.

Hi,

I am using the form based authentication to authenticate different applications are reverse proxied to their destination host and all applications are authorized by same credentials using sign-on feature.

For example:
https://www.example.com/Application1
https://www.example.com/Application2/{uri_parameter1}/{uri_parameter2}/<https://www.example.com/Application2/%7buri_parameter1%7d/%7buri_parameter2%7d/>
https://www.example.com/Application3?param1={paramvalue1}
and so on


I successfully achieve the login and logout functionality using Apache Form based authentication. But I have a small problem in that current solution

For example: When I provide the invalid credentials for https://www.example.com/Application1
, the url get errored out with 401 unauthorized in http:// www.example.com /login/login.html?req=/dologin/?<http://localhost:8080/login/login.html?req=/dologin/?>. But I need to redirect the url to https://www.example.com/login/login.html?req=/Application1<https://www.example.com/Application1>? instead of http:// www.example.com /login/login.html?req=/login/dologin/?<http://localhost:8080/login/login.html?req=/login/dologin/?>. By the way, users will get chance to re-enter their credentials

Your help will be much appreciable!

Some codes sample, which I used to achieve form based authenciation:

<Directory />
#LogMessage "mainDirectory"
Options FollowSymLinks
AllowOverride None
AuthFormProvider file
AuthType form
AuthName "TEST"
AuthUserFile /opt/user/passwords
Require valid-user
AuthFormLoginRequiredLocation /login/login.html?req=%{REQUEST_URI}?%{QUERY_STRING}
AuthFormFakeBasicAuth On
Session On
SessionCookieName session path=/;secure;
SessionCryptoPassphrase secret
</Directory>

<Location /logout>
AuthFormLogoutLocation /logout/logout.html
SessionMaxAge 1
RequestHeader unset Cookie
</Location>

<Location /login>
Require all granted
</Location>

<Location /dologin>
SetEnvIf Referer ^.*req=(.*)&?$ req=$1
AuthFormLoginSuccessLocation %{ENV:req}
</Location>

<Proxy *>
AuthType form
AuthName "TEST"
AuthUserFile /opt/user/passwords
AuthFormLoginRequiredLocation /login/login.html?req=%{REQUEST_URI}?%{QUERY_STRING}
AuthFormFakeBasicAuth On
Session On
SessionCookieName session path=/;secure;
#SessionExpiryUpdateInterval 1
SessionCryptoPassphrase secret
Require valid-user
</Proxy>


Include /opt/proxy/sites/common/conf/application1.conf
Include /opt/proxy/sites/common/conf/ application2.conf
Include /opt/proxy/sites/common/conf/ application3.conf


Regards,
Sathish Vijayan

Det h?r e-postmeddelandet kan inneh?lla personuppgifter om dig som s?ndare eller mottagare samt om andra personer. Information om hur vi p? Tre behandlar personuppgifter finns att l?sa p? www.tre.se/gdpr<http://www.tre.se/gdpr>.