Location Tag not working
9 posts
• Page 1 of 1
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Location Tag not working
Is there a reason that this setup, within the .htaccess file, would be causing the entire website to require authentication?
I'm trying to require authentication for a single page (dynamically rewritten URL, not existing file), but nothing I've done has worked.
Thanks.
- Code: Select all
<Location /page-url-here>
AuthType basic
AuthName "Protected Content"
AuthBasicProvider file
AuthUserFile c:\inetpub\users\.htpasswds
Require valid-user
</Location>
I'm trying to require authentication for a single page (dynamically rewritten URL, not existing file), but nothing I've done has worked.
Thanks.
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Re: Location Tag not working
Similarly, when I try to use the httpd.conf file to secure the page, it does not work. I have tried this setup:
When I hit the secure page, it loads. Then I get the login prompt. When I cancel the prompt, I can view the page. There is not 401 header returned. Strangely, while the other pages on the website load properly, the homepage also asks for authentication, but just loads when the login is cancelled.
- Code: Select all
<VirtualHost websiteurl.com:443 www.websiteurl.com:443 websiteurl.com:80 www.websiteurl.com:80>
<Location page-url-here>
AuthType Basic
AuthName "Protected Content"
AuthBasicProvider file
AuthUserFile c:\inetpub\users\.htpasswds
Require valid-user
</Location>
</VirtualHost>
When I hit the secure page, it loads. Then I get the login prompt. When I cancel the prompt, I can view the page. There is not 401 header returned. Strangely, while the other pages on the website load properly, the homepage also asks for authentication, but just loads when the login is cancelled.
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Re: Location Tag not working
It looks like we've narrowed it down a little. It appears that once the URL has been rewritten for our CMS, the Location or LocationMatch tag no longer process it.
That is, once the Rewriterule handles the URL, taking it from being "/clean-nice-url" to being "code.php?pageID=clean-nice-url&" it doesn't get processed.
It also seems like we can't put the rewritten version into the location tag. Which is to say, this isn't working:
So... not sure if that sheds any more light on our situation. Any insight would be appreciated.
Thanks!
That is, once the Rewriterule handles the URL, taking it from being "/clean-nice-url" to being "code.php?pageID=clean-nice-url&" it doesn't get processed.
It also seems like we can't put the rewritten version into the location tag. Which is to say, this isn't working:
- Code: Select all
<Location /code.php?pageID=clean-nice-url&>
AuthType Basic
AuthName "Protected Content"
AuthBasicProvider file
AuthUserFile c:\inetpub\users\.htpasswds
Require valid-user
</Location>
So... not sure if that sheds any more light on our situation. Any insight would be appreciated.
Thanks!
Re: Location Tag not working
Hello,
I guess, the reason is that you can only use Location tag in httpd.conf and VirtualHost section but not in .htaccess:
http://www.helicontech.com/ape/doc/mod_core.htm
I guess, the reason is that you can only use Location tag in httpd.conf and VirtualHost section but not in .htaccess:
http://www.helicontech.com/ape/doc/mod_core.htm
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Re: Location Tag not working
Thanks for getting back to me. That was the initial error, but as I explained in the second and third post, that's no longer the cause of the problem.
We are now working only in the httpd.conf file, within the VirtualHost section.
As I said in the my last post, the rules are working, but only for URLs that are not being rewritten. Once the rewriterule processes a URL, it is being ignored by the Location tag.
Is there a way that we can either get the Location tag to handle the "pretty" URL (/clean-nice-url) or get it to handle the rewritten version (code.php?pageID=clean-nice-url&), complete with URL params?
Thanks again for your time and help.
We are now working only in the httpd.conf file, within the VirtualHost section.
As I said in the my last post, the rules are working, but only for URLs that are not being rewritten. Once the rewriterule processes a URL, it is being ignored by the Location tag.
Is there a way that we can either get the Location tag to handle the "pretty" URL (/clean-nice-url) or get it to handle the rewritten version (code.php?pageID=clean-nice-url&), complete with URL params?
Thanks again for your time and help.
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Re: Location Tag not working
Okay, we managed to isolate the password to a single page, using the pretty version of the URL.
However, there is a new issue now. The password protected page is not loading when the correct login information is input.
Predictably, incorrect credentials keep the page locked, but when the actual username and password are entered, a blank white page loads. There are no more credential prompts for the session, but the page itself is just blank.
Here is our current version in the httpd.conf:
The trick in resolving our first problem, it seems, was adding RewriteEngine on within the LocationMatch tag.
Any idea how we can get the protected page to load?
However, there is a new issue now. The password protected page is not loading when the correct login information is input.
Predictably, incorrect credentials keep the page locked, but when the actual username and password are entered, a blank white page loads. There are no more credential prompts for the session, but the page itself is just blank.
Here is our current version in the httpd.conf:
- Code: Select all
<VirtualHost websiteurl.com www. websiteurl.com>
<LocationMatch "/page-url-here">
RewriteEngine on
AuthType Basic
AuthName "Protected Content"
AuthBasicProvider file
AuthUserFile c:\inetpub\users\.htpasswds
Require valid-user
</LocationMatch>
</VirtualHost>
The trick in resolving our first problem, it seems, was adding RewriteEngine on within the LocationMatch tag.
Any idea how we can get the protected page to load?
Re: Location Tag not working
Hello,
Please specify the following things:
- do you have any other Ape rules? If yes, please show then as well
- do you have any other authentication enabled. It's better not to have anything other that Anonymous.
- also, please enable Failed request tracing tool in IIS and provide the logs (.xml and .xsl files) for the test request.
Please specify the following things:
- do you have any other Ape rules? If yes, please show then as well
- do you have any other authentication enabled. It's better not to have anything other that Anonymous.
- also, please enable Failed request tracing tool in IIS and provide the logs (.xml and .xsl files) for the test request.
- lawyercentral
- Posts: 28
- Joined: 16 May 2013, 13:13
Re: Location Tag not working
We have a number of other Ape rules in use:
We do not have any other type of authentication enabled.
With regard to the failed request tracing, I don't feel comfortable uploading that information on a publicly facing page. The status codes I am getting are first 401s, and then 404s. Is there any other specific information from it that you would like me to provide?
- Code: Select all
RewriteEngine On
RewriteBase
SetEnv siteurl http://www.thewebsiteurl.com
RewriteCond %{REQUEST_URI} [A-Z] [OR]
RewriteCond %{HTTP_HOST} [A-Z] [OR]
RewriteCond %{SERVER_PORT} 443 [OR]
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{REQUEST_URI} /(.*)/$
RewriteRule ^(\/(.[^\/]+)+)|(\/) %{ENV:siteurl}$1 [U,CL,R=301,L,NS]
# Folders to ignore
RewriteRule ^/assets.* - [NC,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/([^?]*)(.*) /webpage.php?pageidentifier=$1&%{QUERY_STRING} [I,U,NS]
#Block spambots
RewriteCond %{HTTP:User-Agent} (?:Baiduspider|YandexBot) [NC]
RewriteRule .? - [F]
We do not have any other type of authentication enabled.
With regard to the failed request tracing, I don't feel comfortable uploading that information on a publicly facing page. The status codes I am getting are first 401s, and then 404s. Is there any other specific information from it that you would like me to provide?
Re: Location Tag not working
Hello,
"With regard to the failed request tracing, I don't feel comfortable uploading that information on a publicly facing page. The status codes I am getting are first 401s, and then 404s. Is there any other specific information from it that you would like me to provide?"
- I would like to see the entire Failed request log anyway.
Please send it to [email protected] with reference to this forum thread.
"With regard to the failed request tracing, I don't feel comfortable uploading that information on a publicly facing page. The status codes I am getting are first 401s, and then 404s. Is there any other specific information from it that you would like me to provide?"
- I would like to see the entire Failed request log anyway.
Please send it to [email protected] with reference to this forum thread.
9 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 9 guests