.htaccess and user redirect

.htaccess and user redirect

Post by Alex Brow » Sat, 17 Apr 1999 04:00:00



I have an interesting one.  I need to have a .htaccess protected URL
which a user will access and, depending on the username and password
entered, will then be re-directed to another page.

Sound easy?  There will be different pages to be re-directed to,
depending on the user - they will each have their own page, which they
are sent to when authenticated.

Anyone got any ideas how to tackle this one?

Apache 1.3.3 on IRIX 6.4

Thanks

Alex.

--
Alex Brown
Webmaster, Cable Internet

"Why should I care about posterity? What's posterity ever done for me?"
-- Groucho Marx

 
 
 

.htaccess and user redirect

Post by Kurt J. Lanz » Sat, 17 Apr 1999 04:00:00



> I have an interesting one.  I need to have a .htaccess protected URL
> which a user will access and, depending on the username and password
> entered, will then be re-directed to another page.

> Sound easy?  There will be different pages to be re-directed to,
> depending on the user - they will each have their own page, which they
> are sent to when authenticated.

> Anyone got any ideas how to tackle this one?

> Apache 1.3.3 on IRIX 6.4

Piece o' cake. Instead of index.html as the directory listing file, use
index.cgi. Create a script which uses the REMOTE_USER variable to select
the page you want and generate an HTTP redirect.

 
 
 

.htaccess and user redirect

Post by Alex Brow » Sat, 17 Apr 1999 04:00:00



> Piece o' cake. Instead of index.html as the directory listing file, use
> index.cgi.

That's one way of approaching it I suppose, but I need an index.html in the
same directory I think, but then I can always try that one ...

Quote:> Create a script which uses the REMOTE_USER variable to select
> the page you want and generate an HTTP redirect.

Thanks for the idea, its defo an option.

A.

--
Alex Brown
Webmaster, Cable Internet

"Why should I care about posterity? What's posterity ever done for me?"
-- Groucho Marx

 
 
 

.htaccess and user redirect

Post by Kurt J. Lanz » Sat, 17 Apr 1999 04:00:00




> > Piece o' cake. Instead of index.html as the directory listing file, use
> > index.cgi.

> That's one way of approaching it I suppose, but I need an index.html in the
> same directory I think, but then I can always try that one ...

You only *need* an index.html because that's what your configuration
says you need. Configure to use index.cgi, and also to use index.cgi
for ErrorDocument 404 (index.html missing). Nobody should try to
explicitly request index.html anyway, but a little paranoia won't hurt.
Quote:

> > Create a script which uses the REMOTE_USER variable to select
> > the page you want and generate an HTTP redirect.

> Thanks for the idea, its defo an option.

 
 
 

.htaccess and user redirect

Post by Alan J. Flavel » Sat, 17 Apr 1999 04:00:00



> > ...  I need to have a .htaccess protected URL
> > which a user will access and, depending on the username and password
> > entered, will then be re-directed to another page.
> Piece o' cake. Instead of index.html as the directory listing file, use
> index.cgi. Create a script which uses the REMOTE_USER variable to select
> the page you want and generate an HTTP redirect.

Yes, but TMTOWTDI.  mod_rewrite would save the overhead of a CGI
invocation.  See the Apache docs at
[your-favourite-mirror]/apache/docs/mod/mod_rewrite.html#RewriteCond
and specifically the note 4 there.

--
                The management apologises for the .sig delay.  This is
                due to late arrival of the incoming service.

 
 
 

.htaccess and user redirect

Post by Nick K » Sat, 17 Apr 1999 04:00:00


Quote:> Piece o' cake. Instead of index.html as the directory listing file, use
> index.cgi. Create a script which uses the REMOTE_USER variable to select
> the page you want and generate an HTTP redirect.

Careful!

In the first place, if he's using Apache (as the reference to .htaccess
suggests may well be the case), CGI is unnecessary (though of course it does
help if the facility needs to be portable).  Apache->mod_rewrite.

More seriously, if you redirect to /REMOTE_USER/ on your server, it's
an open invitation to mess around with other values of REMOTE_USER,
so you'll need the server (or CGI) to match usernames on every access.
Not hard, but might be easy to overlook ;-)

--
Nick Kew

 
 
 

1. htaccess and require valid-user/user

We are using Apache 1.3.12 with modules php4, radius, frontpage, auth_mysql.
The server is build upon DSO.

Now we have the following effect:

.htaccess is working fine with all modules, but there is no longer any
difference between using
"require valid-users" or using
"require user abc cde"

Whenever a users is validated, he's authorized. The "require user" statement
behaves the same way as the "require valid-users" statement. Now we are not
able any longer to specify dedicated user accounts to allow access. This
worked fine under 1.3.9 (which was not build using DSO ???).
Using the built-in htpasswd feature, it's working fine if you specify
/dev/null as a group name - we don't have groups defined. This was not
needed in 1.3.9 (as far as we can remember...).

Has anyone the same problem or even a solution ?


2. slackware, debian, redhat

3. Matrox Mystique ands X.

4. WANTED: Smart 'diff' program for etexts

5. Redirect - .htaccess

6. IP level encryption devices

7. Redirecting to a custom error page from .htaccess

8. Wireless Networking Newsletter

9. NCSA httpd 1.5a: .htaccess redirects

10. Why does redirect in .htaccess not work?

11. .htaccess and redirecting

12. Why do Apache and NCSA (partially) disallow Redirect in .htaccess?

13. mod_rewrite: how to redirect with .htaccess