Rob
2008-11-27 11:21:03 UTC
Hello everybody.
This is my first post in the group so be patient :-)
I've configured the mod_xradius with Apache 2.2.8 as to protect a given
application which gets accessed using an HW token.
This application gets accessed using the following URL:
http://servername/sgd/index.jsp?langSelected=en
I'd like to use a regular expression as to only protect this URL since,
during login and logout, a similar URL gets processed by Apache which
triggers another authentication process.
As an example, as soon as the user enters the above URL, the browser
gets redirected with the following:
http://<server>/sgd/index.jsp?langSelected=en&ko=<numero>&langSelected=en
Since I'm not allowed to use the XRADIUS cache, the use will end up
having to enter his credentials twice.
The LocationMatch definition which works so far is the following:
<LocationMatch "/sgd/index.jsp(.*)">
Order Allow,Deny
AuthType Basic
AuthName "Radius username and password"
AuthBasicProvider xradius
AuthXRadiusAddServer "<radius_ip>" "secret"
AuthXRadiusTimeout 7
AuthXRadiusRetries 2
AuthXRadiusRejectBlank on
require valid-user
Satisfy any
</LocationMatch>
I've tried by defining
<LocationMatch "^/sgd/index.jsp?langSelected=en$">
but that does not get recognized by the browser.
Am I missing something or what?
I've also tried by escaping the metacharacters
<LocationMatch "^/sgd/index\.jsp\?langSelected=en$">
but unsuccessfully.
Any ideas?
Thanks,
Rob
This is my first post in the group so be patient :-)
I've configured the mod_xradius with Apache 2.2.8 as to protect a given
application which gets accessed using an HW token.
This application gets accessed using the following URL:
http://servername/sgd/index.jsp?langSelected=en
I'd like to use a regular expression as to only protect this URL since,
during login and logout, a similar URL gets processed by Apache which
triggers another authentication process.
As an example, as soon as the user enters the above URL, the browser
gets redirected with the following:
http://<server>/sgd/index.jsp?langSelected=en&ko=<numero>&langSelected=en
Since I'm not allowed to use the XRADIUS cache, the use will end up
having to enter his credentials twice.
The LocationMatch definition which works so far is the following:
<LocationMatch "/sgd/index.jsp(.*)">
Order Allow,Deny
AuthType Basic
AuthName "Radius username and password"
AuthBasicProvider xradius
AuthXRadiusAddServer "<radius_ip>" "secret"
AuthXRadiusTimeout 7
AuthXRadiusRetries 2
AuthXRadiusRejectBlank on
require valid-user
Satisfy any
</LocationMatch>
I've tried by defining
<LocationMatch "^/sgd/index.jsp?langSelected=en$">
but that does not get recognized by the browser.
Am I missing something or what?
I've also tried by escaping the metacharacters
<LocationMatch "^/sgd/index\.jsp\?langSelected=en$">
but unsuccessfully.
Any ideas?
Thanks,
Rob