Don';不允许登录用户使用apache httpd导航到登录页面并重定向到反向代理站点
使用带有会话和身份验证模块的Apache,我们有3种类型的页面:Don';不允许登录用户使用apache httpd导航到登录页面并重定向到反向代理站点,apache,url-rewriting,session-cookies,reverse-proxy,http-redirect,Apache,Url Rewriting,Session Cookies,Reverse Proxy,Http Redirect,使用带有会话和身份验证模块的Apache,我们有3种类型的页面: 打开页面无论用户是否登录,都可以打开:默认 安全页面需要登录用户:由管理需要有效用户 不安全页面需要未登录的用户:如/login.html页面 我对第三种类型的不安全页面有问题: 即使用户已登录。。。当我导航到/login.html页面时,Apache不会重定向我 我有这个位置: <Location /login.html> Require all granted </Location&g
- 打开页面无论用户是否登录,都可以打开:默认
- 安全页面需要登录用户:由
管理需要有效用户
- 不安全页面需要未登录的用户:如
页面/login.html
/login.html
页面时,Apache不会重定向我
我有这个位置:
<Location /login.html>
Require all granted
</Location>
不幸的是,它抛出错误:
negative Require directive has no effect in <RequireAny> directive
您知道如何强制登录用户不进入包含登录表单的登录页面吗?
negative Require directive has no effect in <RequireAny> directive
Listen 80
<VirtualHost *:80>
AddRadiusAuth radius-server:1812 bigsecret 60:2
AddRadiusCookieValid 60
ProxyPass /login.html !
ProxyPassReverse /login.html !
ProxyPass /authcheck !
ProxyPassReverse /authcheck !
ProxyPass / http://sample-secure-app/
ProxyPassReverse / http://sample-secure-app/
ProxyPreserveHost On
ProxyRequests On
<Location />
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
# AuthFormLoginRequiredLocation "/login.html"
AuthFormLoginRequiredLocation /login.html?req=%{REQUEST_URI}
AuthFormLoginSuccessLocation "/"
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
# SessionCookieMaxAge Off
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /authcheck>
SetEnvIf Referer ^.*req=(.*)&?$ req=$1
SetHandler form-login-handler
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
AuthFormLoginRequiredLocation "/login.html"
AuthFormLoginSuccessLocation %{ENV:req}
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /login.html>
Require all granted
require not valid-user
</Location>
</VirtualHost>