如何解决不允许已登录的用户使用apache httpd导航到登录页面并重定向到反向代理站点
使用Apache和Session&Auth模块,我们有3种类型的页面:
我对第三种类型的不安全页面存有疑问:
我有这个位置:
<Location /login.html>
Require all granted
</Location>
我尝试添加require valid-user
的反义词require not valid-user
<Location /login.html>
Require all granted
require not valid-user
</Location>
不幸的是它抛出错误:
negative Require directive has no effect in <RequireAny> directive
我尝试了很多组合,例如在/login.html位置添加AuthformLoginSuccessLocation
。
但是没办法。
这是我的完整虚拟主机配置:
Listen 80
<VirtualHost *:80>
AddRadiusAuth radius-server:1812 bigsecret 60:2
AddRadiusCookieValid 60
ProxyPass /login.html !
ProxyPassReverse /login.html !
ProxyPass /authcheck !
ProxyPassReverse /authcheck !
ProxyPass / http://sample-secure-app/
ProxyPassReverse / http://sample-secure-app/
ProxyPreserveHost On
ProxyRequests On
<Location />
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
# AuthformLoginrequiredLocation "/login.html"
AuthformLoginrequiredLocation /login.html?req=%{REQUEST_URI}
AuthformLoginSuccessLocation "/"
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
# SessionCookieMaxAge Off
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /authcheck>
SetEnvIf Referer ^.*req=(.*)&?$ req=$1
SetHandler form-login-handler
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
AuthformLoginrequiredLocation "/login.html"
AuthformLoginSuccessLocation %{ENV:req}
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /login.html>
Require all granted
require not valid-user
</Location>
</VirtualHost>
任何想法如何强制已登录的用户不进入包含登录表单的登录页面?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。