问题描述
使用Apache和Session&Auth模块,我们有3种类型的页面:
我对第三种类型的不安全页面存有疑问:
我有这个位置:
<Location /login.html>
Require all granted
</Location>
我尝试添加require valid-user的反义词require not valid-user
<Location /login.html>
Require all granted
require not valid-user
</Location>
不幸的是它抛出错误:
negative Require directive has no effect in <RequireAny> directive
我尝试了很多组合,例如在/login.html位置添加AuthformLoginSuccessLocation。
但是没办法。
这是我的完整虚拟主机配置:
Listen 80
<VirtualHost *:80>
AddRadiusAuth radius-server:1812 bigsecret 60:2
AddRadiusCookieValid 60
ProxyPass /login.html !
ProxyPassReverse /login.html !
ProxyPass /authcheck !
ProxyPassReverse /authcheck !
ProxyPass / http://sample-secure-app/
ProxyPassReverse / http://sample-secure-app/
ProxyPreserveHost On
ProxyRequests On
<Location />
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
# AuthformLoginrequiredLocation "/login.html"
AuthformLoginrequiredLocation /login.html?req=%{REQUEST_URI}
AuthformLoginSuccessLocation "/"
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
# SessionCookieMaxAge Off
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /authcheck>
SetEnvIf Referer ^.*req=(.*)&?$ req=$1
SetHandler form-login-handler
AuthType Form
AuthName "Radius Authentication"
AuthFormProvider radius
AuthformLoginrequiredLocation "/login.html"
AuthformLoginSuccessLocation %{ENV:req}
AuthBasicAuthoritative Off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 3
AuthRadiusActive On
require valid-user
Session On
SessionMaxAge 120
SessionCookieName session path=/
SessionCryptoPassphrase any-secret-passphrase
</Location>
<Location /login.html>
Require all granted
require not valid-user
</Location>
</VirtualHost>
任何想法如何强制已登录的用户不进入包含登录表单的登录页面?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)