The trick is to use a RewriteRule and mod_rewrite to basically stop Auth_memCookie from being needed for /auth/ logins, which is where the PHP code will be executed to perform the authentication. The 'L' flag in the RewriteRule will stop the rest of the rulesets from executing.
RewriteEngine on
RewriteRule ^/auth/(.*)$ /auth/$1 [L]
<IfModule mod_auth_memcookie.c>
<Location />
AuthType Cookie
.
.
.
ProxyPass http://127.0.0.1:9999/
ProxyPassReverse http://127.0.0.1:9999/
</Location>
</IfModule>
The ProxyPass is used to proxy traffic to an internal webserver host, and the ProxyPassReverse rewrites Location: headers. If you are using Django, an HttpResponseRedirect() function call will usually set the Location: header based on the X-Forwarded-Host but because if you are not using mod_wsgi(), the header may not be correctly set. The ProxyPassReverse provides a way to rewrite redirection requests for this reason.
The other thing is to make sure that your base URL is also set with this /auth/ path:
// Base url to protect
GApps_Session::$BASE_URL = 'https://myhost.com/auth/';
No comments:
Post a Comment