Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: mod_headers |
|
| Author |
|
haze
Joined: 06 Jun 2007
Posts: 4
|
 Posted: Wed 06 Jun '07 22:46 Post subject: mod_headers |
 |
|
Is it possible to modify incoming headers of a location protected by
<LocationMatch "/*">
AuthType Auth
require valid-user
</LocationMatch>
How do I make use of the RequestHeader directive?
All I want to do is change the headers before the 'require valid-user' prompts for authentication.
Here Auth is an external security module. |
|
| Back to top |
|
tdonovan
Moderator
Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA
|
| Posted: Thu 07 Jun '07 3:04 Post subject: |
|
|
It isn't clear which version of Apache you are running, or exactly what you are trying to accomplish.
Maybe you are trying to change or add an Authorization or Proxy-Authorization header?
With Apache 2.0: no.RequestHeader happens after authentication is done. With Apache 2.2: maybe, using early-mode.See the RequestHeader docs for Apache 2.2, especially the warnings in the early-mode section.
One problem is that you will need to set RequestHeader for the whole server, or at least for an entire virtual host, because early-mode can't work inside a <Location> or <Directory> block.
-tom-
p.s. Your <LocationMatch "/*"> seems odd. Do you really mean "zero or more slashes"
- or did you intend <LocationMatch "/.*"> which would be "a slash followed by zero or more characters"? |
|
| Back to top |
|
haze
Joined: 06 Jun 2007
Posts: 4
|
| Posted: Thu 07 Jun '07 17:02 Post subject: |
|
|
I was also thinking of the early mode but sadly, I have to use Apache 2.0.
Is there any other way of manipulating these headers?
Will it be possible to through a custom module?
Thanks for the help. |
|
| Back to top |
|
tdonovan
Moderator
Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA
|
| Posted: Thu 07 Jun '07 17:44 Post subject: |
|
|
re: "Will it be possible to through a custom module? "
It certainly looks possible.
Instead of a new module, perhaps you could simply change Apache 2.0 mod_headers to always make RequestHeader work in early mode by changing one line in modules/metadata/mod_headers.c
from: | Code: | | ap_hook_fixups(ap_headers_fixup, NULL, NULL, APR_HOOK_LAST); |
to: | Code: | | ap_hook_post_read_request(ap_headers_fixup, NULL, NULL, APR_HOOK_FIRST); |
Just a guess, I didn't actually try it (I don't use Apache 2.0). If this works, the restrictions should be the same as with Apache 2.2 because RequestHeader will now execute immediately for each new request, before <Location> or <Directory> are determined.
-tom- |
|
| Back to top |
|
haze
Joined: 06 Jun 2007
Posts: 4
|
| Posted: Mon 18 Jun '07 20:01 Post subject: |
|
|
I really don't know how to thank you.
You are my hero. This works perfectly. |
|
| Back to top |
|
|
|
|
|
|
