tags:

views:

150

answers:

1
Q: 

static site apache and dynamic/member site django

I have a site for static content, accessible to all that runs on apache. As an adjunct to that, there is a members site that runs on django. I haven't had any issue 'sharing' my .css and making both sides equivalent in appearance, but what I can't quite seem to grok is getting my django site to be django password protected (with the additional caveat that all member material, from the login forward, goes through 443).

I can serve all the pages, I have tried to use mod_rewrite as follows:

<Directory /Library/Webserver/Documents>
.
.
.
</Directory>

WSGIScriptAlias /members /usr/local/django/mysite/apache/django.wsgi 


<Directory /members>
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Directory>

I have tried every one of a thousand different items in the '/members location above, nothing seems to hit (and yes, RewriteEngine On is included - I can watch the debug come out).

A: 

Try:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

You should be redirecting back to same host the request was made against, not necessarily the actual web server host.

I also don't believe there is a %{URI} variable in mod_rewrite. Supposed to use %{REQUEST_URI}.

EDIT 1

As per comments, should be:

<Location /members>
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Location>

or:

<Directory /usr/local/django/mysite/apache>
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Directory>

So, Location is for URL and Directory is for file system directory.

Graham Dumpleton  2009-12-10 21:07:40
Sorry, part of what I did was from memory, didn't have the machine right in front of me. It's not the rewritecond/rewriterule that has me stumped, it's getting them to fire. I have placed them in every imaginable <Directory> config and they never seem to hit. (Small clarification, if I do this with a regular directory, it works fine, it seems to be that I can't ascertain the correct DJANGO <Directory> structure to place the above lines into.)
KevinDTimm  2009-12-10 21:56:10
That is because you should be using 'Location' and not 'Directory' if the argument is a URL. If want to use 'Directory' should be the location of the WSGI script file, but then you can't restrict it to a sub URL of whole site. So, use 'Location'. Go read the Apache documentation on the difference between 'Location' and 'Directory'.
Graham Dumpleton  2009-12-11 03:31:57
Graham, thanks a million - give me a bit to read and then come back and mark your answer accepted. Your reputation precedes you, so I'm pretty sure this will be a short search.
KevinDTimm  2009-12-11 08:07:21
Bummer, no affect at all. It seems my Location/Directory never get matched as I never see anything except "init rewrite engine with requested uri /members" and "pass through /members" in my rewrite.log
KevinDTimm  2009-12-11 18:02:50
You sure then you haven't mucked up your VirtualHost definitions and is actually matching against wrong VirtualHost. Instead of the rewrite, add in a 'Deny from all' to even see if that section is being used. If it is, you should get forbidden error.
Graham Dumpleton  2009-12-12 03:32:30
This isn't in extra/httpd-vhosts.conf, this is all in my main httpd.conf. Should this be setup as two virtual hosts, one for my :80 and another for my :443? If so, how would it ever be possible to NOT be in HTTP if all django was that VirtualHost?
KevinDTimm  2009-12-12 06:48:41
Addenda, when I add Deny from all to my <Location> section, it does indeed deny me. So, how is my RewriteCond %{HTTPS} off being missed?
KevinDTimm  2009-12-12 07:37:47

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP