Hi Eric, first of all thanks for you quick response! The loop is continuously giving the message "One moment please, you are being redirected". And this is the message which is displayed when the request is proxied from Apache to the Perl webserver. I'm using the LA because I don't make use of an .htaccess file. So the rewrite configuration I have posted is located in below file: /etc/httpd/conf.d/zzzz_app_sso.conf Or isn't that correct? This is an assumption I made based on the information in https://httpd.apache.org/docs/current/mod/mod_rewrite.html Maybe also worth mentioning, my proxy config is in a file which is picked up earlier: cat /etc/httpd/conf.d/zzz_app.conf <Location /> # Pass the HTTP protocol request header to the backend server if SSL is inactive. RequestHeader set "X-Forwarded-Proto" "http" env=!HTTPS ProxyPass http://localhost:8080/ retry=1 acquire=3000 timeout=6000 Keepalive=On </Location> <Location /websocket> ProxyPass ws://localhost:8080/websocket </Location> Kind regards, Michael ----- Origineel bericht: com249.798.077 --------------------------------- From: Eric Covener (cove...@gmail.com) To: users@httpd.apache.org Copy: michael.h...@colruytgroup.com Subject: Re: [users@httpd] SSO Kerberos REMOTE_USER RewriteRule Endless Loop for Certain users com249.796.781 Date: 03 december 2019 (13:49) > RewriteEngine on > RewriteCond %{LA-U:REMOTE_USER} (.+) > RewriteRule . - [E=RU:%1,NS] > RequestHeader set REMOTE_USER "%{RU}e" env=RU > RequestHeader set REMOTE_USER_SECRET "*************" > </Location> Any more details on the looping behavior? The rewrites don't make a substitution much less a redirect so it doesn't fit the usual pattern. It is also a bit odd that look-ahead is used here. %{REMOTE_USER} should be directly accessible to the rewritecond when it's used inside <location> context (this has a side effect of delaying the evaluation, and it's after authentication). I guess there is some slight chance that removing some of this look-ahead complexity could even help your symptom? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Dit bericht is onderworpen aan de voorwaarden beschikbaar op onze website Ce message est soumis aux conditions disponibles sur notre site web This message is subject to the terms and conditions available on our website
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
