Hi Harald,
> your described solution looks like the way I'm looking for. Can you please
> give me a piece of configuration? I'm not so familiar with handler
> handlings. So it would help me a lot.
Sure, your <Location> tag would look like:
<Location "/SecureMe/">
AuthName "Whats the secret knock"
AuthType Basic
PerlAccessHandler Apache::ForceSSL
PerlAuthenHandler Apache::MyAuthen
PerlAuthzHandler Apache::MyAuthz
require valid-user
</Location>
You also need the line:
PerlSetVar SecureServer my.secure.server.com
So the Apache::ForceSSL is what does the http -> https rewrite. It looks
like:
package Apache::ForceSSL;
use strict;
use Apache::Constants qw(:response);
use Apache::Util qw(escape_uri);
sub handler
{
# Get the rec
#
my $r = shift;
my $port = $r->get_server_port;
if( $port != 443 )
{
my $server = $r->dir_config('SecureServer') or
DECLINED;
my $uri = escape_uri($r->uri);
# Redirect to the encrypted port
#
my $location = "https://" . $server . $uri;
$r->header_out('Location' => $location);
$r->status(REDIRECT);
$r->send_http_header;
}
return DECLINED;
}
1;
Once I figure out how to get the server name from mod_perl and how to
successfully test for ssl I can make it even more dynamic.
> Do you think it is possible to use the rewrite mod instead of perl for
> this purpose?
Not that I know of. I have heard of other people having an external
rewrite file which says "if your URL is one of these then rewrite to ssl".
The problem I have with that is its yet another file to update. The
PerlAccessHandler is easy because I simply add it to the location block
and I am done.
Hope that helps,
Joshua
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
