Geek Answers Handbook

Apache Authentication: Redirect to Failure Reliably?

I installed my ErrorDocument 401 on the account creation page of my site, but not all browsers seem to abide by this redirect (Safari).

In addition, other browsers (Firefox, Chrome) never stop asking for a password and showing ErrorDocument. This leads to the fact that a large number of users refuse attempts after many attempts to enter a password without seeing the account creation page.

Is there a way to make redirection more reliable without bypassing general authentication?

+6
redirect apache basic-authentication
source share
2 answers

The simple answer to your question is no, you cannot make it more reliable without implementing custom authentication.

The only way to display Firefox and the Chrome page specified in the ErrorDocument 401 directive is to click the cancel button. In addition, there is no forwarding sent with HTTP code 401; rather, this is the content of the document specified in the ErrorDocument 401 directive. You can redirect using the HTML meta tag:

<Location "/protected"> AuthUserFile /path/to/users AuthName "This is protected area" AuthGroupFile /dev/null AuthType Basic Require valid-user #ErrorDocument 401 /register.html ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=/register.html\"></html>" </Location>

Possible solutions to your problem are creating a custom HTTP basic authentication module or using a language such as php that supports basic HTTP authentication.

http://php.net/manual/en/features.http-auth.php

+15
source share

I suspect your Firefox and Safari users are not logging into the domain before the username, i.e. MYDOMAIN \ USERNAME. There are some settings in firefox that allow pass-through authentication; I do not know about safari.

-2
source share

More articles:


All Articles