Linux – mod_auth_form and proper redirection after login

apache-2.4linuxmod-authredirect

Using the Apache module mod_auth_form, when a user tries to access a URL and is 'interrupted' by the form based login, how do I pass on the original URL to the html form or to the AuthFormLoginSuccessLocation directive, so I can redirect the client – upon successful authentication – to the URL where they wanted to go to.

I can add an action="/index.html" parameter to the form and redirect the user accordingly, but users will reach the login page from several URLs.

I didn't find any information on dynamically setting the value of AuthFormLoginSuccessLocation. Is there a way to do this with Apache 2.4?

Best Answer

I am redirecting the user to the login page by specifying an error document for status code 401: ErrorDocument 401 /my/login/page.html. The login page will pop up whenever a user tries to access a protected resource (unless you use session and he's already authorized). After successfully logging in, the user is redirected back to the target URL by the apache. Therefore, I don't use AuthFormLoginSuccessLocation directive.

A more complete example can be found here (I am not the author).

Related Solutions

How to redirect URLs using the proxy module in Apache

From your comment on my previous answer I gather that you are using Apache as a forwarding proxy (ProxyRequests On). You can use mod_rewrite to proxy pass through specific URL's.

You probably got something like this in your Apache config:

ProxyRequests On
ProxyVia On
<Proxy *>
   Order deny,allow
   Allow from xx.xx.xx.xx
</Proxy>

Then you have to add the following in order to proxy-pass all requests from www.olddomain.com/foo to www.newdomain.com/bar:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.olddomain\.com$
RewriteRule /foo(.*)$ http://www.newdomain.com/bar/$1 [P,L]

What this does is:

When a request is made to the host www.olddomain.com, the RewriteRule will fire.
This rule substitutes /foo to http://www.newdomain.com/bar/.
The substitution is handed over to mod_proxy (P).
Stop rewriting (L).

Example result:

Browser is configured to use your Apache as proxy server.
It requests www.olddomain.com/foo/test.html.
Your Apache will rewrite this to www.newdomain.com/bar/test.html.
It will request this page from the responsible web server.
Return the result to the browser as www.olddomain.com/foo/test.html.

Custom Authentication handler for mod_auth_form

Yes. But you need to use input fields with name = httpd_username and httpd_password (and .htaccess rights as well)

/secret/path/.htaccess

AuthFormLoginRequiredLocation /login.html
AuthFormLoginSuccessLocation /secret/path/
AuthFormProvider file
AuthUserFile /before/www/root/.htpasswd
AuthType form
AuthName "My server!"
Session On
SessionCookieName session path=/secret/path/
SessionCryptoPassphrase SomEtH1n9

/logout/.htaccess

AuthName "My server!"
AuthFormLogoutLocation /logout/
Session On
SessionCookieName session path=/secret/path/
SessionCryptoPassphrase SomEtH1n9

p.s.: don't use "secret" word from Apache Docs as a passphrase ;)

Best Answer

Related Solutions

How to redirect URLs using the proxy module in Apache

Custom Authentication handler for mod_auth_form

Related Topic