1

I would like to redirect to a certain folder based on the REMOTE_USER value, so:

http://example.com/files

would redirect to:

/data/files/charlie/uploads

if the REMOTE_USER value was 'charlie'.

I've tried many things, including this:

RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule ^/files/(.*)$ /data/files/%{REMOTE_USER}/uploads/$1 [PT]

but nothing works. I get infinite loops and 404s.

I looked at <If> but it seems REMOTE_USER is not available during <If> evaluation.

[EDIT:]

Current attempt, which results in a redirect loop for http://example.com/files/ looks like this:

# if REMOTE_USER is not empty string
RewriteCond %{LA-U:REMOTE_USER} !^$

# eg /files/foo -> /data/dev/uploads/charlie/foo
RewriteRule ^/files/(.*)$ /data/dev/uploads/%{LA-U:REMOTE_USER}/$1 [PT,L]

#...

<Directory /data/dev/uploads>
    AllowOverride all
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd_dev
    Require valid-user
</Directory>

Entire conf file:

<VirtualHost *:80>
    ServerName example.com
    ServerAdmin admin@example.com

    DocumentRoot /usr/local/www/example.com/public_html

    ErrorLog /usr/local/www/example.com/logs/error.log
    CustomLog /usr/local/www/example.com/logs/access.log combined
    ErrorLogFormat "%{c}t %M"

    Header set Access-Control-Allow-Origin "*"
    Header set Origin "http://example.com"
    Header set Accept "Authorization"

    ExpiresActive on

    <FilesMatch "\.(html|htm|js|css|ico)$">
        # Header set Cache-Control "max-age=31536000"
        Header set Cache-Control "must-revalidate"
        # ExpiresDefault "access plus 4 hours"
    </FilesMatch>

    WSGIScriptAlias /api /usr/local/www/example.com/server/server.py
    WSGIPassAuthorization On
    WSGIDaemonProcess example.com threads=15 python-path=/usr/local/www/example.com/server
    WSGIProcessGroup example.com

    Alias /files /data/dev/uploads
    Alias /files/ /data/dev/uploads/

    RewriteEngine On

    # if REMOTE_USER is not empty string
    RewriteCond %{LA-U:REMOTE_USER} !^$

    # eg /files/foo -> /data/dev/uploads/charlie/foo
    RewriteRule ^/files/(.*)$ /data/dev/uploads/%{LA-U:REMOTE_USER}/$1 [PT,L]

    RewriteRule ^/play/(.*)$ /api/play/$1 [PT]
    RewriteRule ^/screen/(.*)$ /api/screen/$1 [PT]
    RewriteRule ^/static/(.*)$ /static/$1 [L]
    RewriteRule ^/(list|edit|help|view).*$ /index.html [L]

    <Directory /usr/local/www/example.com/public_html>
        Require all granted
    </Directory>

    <Directory /usr/local/www/example.com/server>
        Require all granted
    </Directory>

    <Directory /data/dev/uploads>
        AllowOverride all
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd_dev
        Require valid-user
    </Directory>

</VirtualHost>

OK, this almost works:

RewriteRule ^/files$ /files/%{LA-U:REMOTE_USER} [PT,L]

Alias /files /data/dev/uploads

<Directory /usr/local/www/example.com/public_html>
    Require all granted
</Directory>

<Directory /usr/local/www/example.com/server>
    Require all granted
</Directory>

<Directory /data/dev/uploads>
    Options +Indexes
    AllowOverride all
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd_dev
    Require valid-user
</Directory>

This seems to work:

RewriteCond %{LA-U:REMOTE_USER} !^$
RewriteRule ^/files/?$ /files/%{LA-U:REMOTE_USER} [PT,L]

Alias /files /data/dev/uploads

<Directory /data/dev/uploads>
    AllowOverride all
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd_dev
    Require valid-user
</Directory>

[PT] is to allow the Alias to pick up the redirection, although I'm not sure that's how it works...

Charlie Skilbeck
  • 123
  • 7
  • also check http://serverfault.com/questions/85197/how-to-map-authenticated-apache-users-to-their-own-directory – Sachin Singh Aug 03 '16 at 07:17
  • Thanks, I've looked at both of those but am still not able to get it working. I get a redirect loop which looks like: http://server.com/files/index.php/index.php/index.php/index.php/... – Charlie Skilbeck Aug 03 '16 at 07:35
  • With regards to the "current attempt", it looks like you have a conflict with mod_dir. What other directives do you have (`#...`)? Is there a specific reason for the `PT` flag? is `/data/dev/uploads//foo` a path from the document root, or from the root of the filesystem? Incidentally, the "infinite loop" in the first part of your question is quite a different problem to your "current attempt". – MrWhite Aug 03 '16 at 10:24
  • I added the whole conf file to the post. PT was from trying to get it working with Alias. /data/dev/uploads//foo is from the root of the filesystem. – Charlie Skilbeck Aug 03 '16 at 10:57
  • OK, getting closer. Trailing slashes need to be carefully managed. Edited post with latest attempt. – Charlie Skilbeck Aug 03 '16 at 16:08
  • Looks like Chrome and IE cache redirects a bit differently, worth bearing in mind when you're banging your head against this wall.... – Charlie Skilbeck Aug 03 '16 at 16:17
  • Regarding your _latest attempt_, what do you mean by "almost works"? And how "differently" were Chrome and IE caching redirects? The earlier "redirect" would seem to have been in error and browsers will generally cache 301 redirects (but they can vary in how long and how "persistent" they are cached for). (A good idea to test with the browsers _object inspector_ open and caching disabled.) – MrWhite Aug 03 '16 at 22:54
  • 1
    I was unaware of how browsers cache the login credentials, which made me think wrongly that it wasn't working. I've updated the post with what I'm using, which seems to work. – Charlie Skilbeck Aug 05 '16 at 07:16

0 Answers0