DO NOT REPLY [Bug 45801] SSLRequireSSL with strictrequire and satisfy any does not behave as expected

bugzilla Sat, 13 Sep 2008 14:08:48 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=45801



Ruediger Pluem <[EMAIL PROTECTED]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX




--- Comment #1 from Ruediger Pluem <[EMAIL PROTECTED]>  2008-09-13 14:08:17 PST 
---
This cannot work due to the order how both access checks are processed. The IP
address check comes first and if it fails the SSL requirements will not be
checked anymore. Thus no redirect happens.
Try the following:

RewriteCond %{HTTPS} =Off
RewriteRule ^/opendb($|/.*) https://yourserver.com/opendb$1

<Location /opendb>
#   Network Access Control
       Order Deny,Allow
       Deny from all
       Allow from 192.168.0
       Allow from 127.0.0.1

#   Authentication
        AuthType Basic
        AuthName "Open Media Database"
        AuthUserFile /var/svn/conf/svnbackupusers
        Require valid-user

#   Allow Network Access and/or Basic Auth
       Satisfy Any

</Location>


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 45801] SSLRequireSSL with strictrequire and satisfy any does not behave as expected

Reply via email to