Greetings All,
I've been trying to figure out how to use mod_rewrite to redirect to
https when a specific QUERY_STRING is submitted, but no luck so far.
An overview of our site configuration: Apache 2.x webserver w/
WebLogic http plugin --> WebLogic Server --> backend DB
Right now, we're running our site using the following ruleset to
redirect all http requests to https:
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)
https://%{SERVER_NAME}/$1 [L,R]
This rule works just fine, but we'd like the redirection to https to
occur starting when a user submits their login. The login and all
subsequent activity should be https.
I developed the follwing ruleset to match the login QUERY_STRING and
redirect requests to Port 443, however the login process fails and the
URL in the browser does not change to https:
RewriteCond %{QUERY_STRING} Proc=Login&SubProc=1&redir=1
RewriteCond %{SERVER_PORT} ^80$ [NC]
RewriteRule ^/(.*)
https://%{SERVER_NAME}/$1 [L,R]
Here are log snips that show what this ruleset does (log snips edited
for brevity):
The Access Log for port 80 records all everything until the
RewriteCond matches:
xxx.xxx.xxx.xxx "POST /Controller?Proc=Login&SubProc=1&redir=1
HTTP/1.0" "h
ttp://our.domain.name/intro.html"
(Note: This is the last entry in the access log for port 80, all
subsequent requests are logged in the access log for port 443)
Here's The Rewrite Log (log level 9)
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (4) RewriteCond:
input='Proc=Login&SubProc=1&redir=1'
pattern='Proc=Login&SubProc=1&redir=1' => matched
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (4) RewriteCond:
input='80' pattern='^80$' => matched
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (2) rewrite
/Controller -> https:/our.domain.name/Controller
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (2) explicitly
forcing redirect with https:/our.domain.namem/Controller
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (1) escaping
https:/our.domain.name/Controller for redirect
xxx.xxx.xxx.xxx our.domain.name/sid#][rid#/initial] (1) redirect to
https:/our.domain.name/Controller?Proc=Login&SubProc=1&redir=1
[REDIRECT/302]
You can see that the Rewrite Conditions match and URLs are rewritten
to https. However, the user login fails and the URL does not change
to
https://
I have a couple of questions related to this problem:
1) Is it possible to accomplish this kind of redirection given the
architecture of our site (Apache/Weblogic/backend DB)?
2) I'm also looking for suggestions on how to handle Controller? type
URLs, I suspect I might not be handling these correctly and that may
be why I can't redirect correctly.
Any help or suggestions will be greatly appreciated.
-RG
FAQ
Profile
Private Messages
Log in
