Hi all,
I have a Rails app that I'd like to protect with basic http
authentication. I'm using SSL too, but I've verified the problem is the
same without the SSL configuration options, so I'll leave that out of
this problem report.
Setup: Apache v2.2.4 + mod_proxy_balancer + 1 mongrel instance (v1.0.4).
I'm using the apache configuration below, which requires basic
authentication to access the Rails site's public/ directory. The Rails
app works fine, and I am in fact prompted for a username and password
before I can access the app.
BUT, it turns out that if you simply hit cancel a dozen or so time at
the http auth prompt, you can view my Rails app anyway (!). My app will
then appear without any CSS styling. I'm pretty certain my mod_proxy
rules are overridding my http auth rules somehow.
Now I have tried putting the mod_proxy rules inside my
<Directory></Directory> section, and that correctly will prevent access
if http authentication doesn't succeed, but then my app blows up with
all sorts of weird errors (unable to access the sessions tmp files, even
though they're chmod 0666).
Any ideas?
Thanks,
Scott
<Proxy balancer://myapp>
BalancerMember http://127.0.0.1:14000
</Proxy>
<VirtualHost *:80>
ServerName myapp.mydomain.com
DocumentRoot "/var/www/html/myapp.mydomain.com/current/public"
<Directory "/var/www/html/myapp.mydomain.com/current/public">
Options FollowSymLinks
AllowOverride All
# Require htaccess user authentication by default
Authtype basic
AuthName "MyApp"
AuthUserFile /var/www/passwd/htpasswd.master
AuthGroupFile /var/www/passwd/groups.master
Require group myapp
</Directory>
# Rails mod_rewrite rules
RewriteEngine On
# Check for maintenance file and redirect all requests
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
# Rewrite index to check for static
RewriteRule ^/$ /index.html [QSA]
# Rewrite to check for Rails cached page
RewriteRule ^([^.]+)$ $1.html [QSA]
# Redirect all non-static requests to cluster
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://myapp%{REQUEST_URI} [P,QSA,L]
</VirtualHost>
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Deploying Rails" group.
To post to this group, send email to rubyonrails-deployment@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-deployment?hl=en
-~----------~----~----~----~------~----~------~--~---
