How to combine basic authentication and https?

Question

How to combine basic authentication and https?

I set up a private website that should only be accessible to a few people over the Internet. I would like to set up a combination of basic authentication and https.

So far, everything is working fine if I directly type https://blah.com/location1. However , what I need is to redirect apache http://blah.com/location1to https://blah.com/location1and then perform basic authentication. I do not want basic authentication to be done before the redirect. At the moment, this is what I have in my apache configuration.

WSGIScriptAlias /site /path/to/site/apache/site.wsgi

<Directory /path/to/site/apache>
    WSGIApplicationGroup %{GLOBAL}
    Order deny,allow
    Allow from all
</Directory>

<Location /site>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

    AuthType Basic
    AuthName "Site login"
    AuthUserFile /path/to/site/.htpasswd
    Require valid-user
</Location>

Note. I need authentication only for /site. Therefore, I must have access to http://blah.com/site1, http://blah.com/site2without authentication.

+3

https apache basic-authentication

domino 11 . '10 8:57

2

Apache 2.2 SSL *, * auth ( < ?), , SSLRequireSSL, ErrorDocument 403 html 403, JavaScript, HTTPS... , , , VirtualHost HTTP, HTTPS.

0

Anthony O. 19 . '11 15:30

Bruno · Accepted Answer · 2010-11-11T18:35:30+0000

, "" HTTP- HTTPS, , HTTP ( URL- HTTPS).

, : HTTP HTTPS.

HTTP , , <Location /location1> ( ).

HTTPS <Location /location1> .

How to combine basic authentication and https?

More articles: