8 replies to this topic

[slm64]

Can anyone tell me whether you can use htaccess to perform both authentication and conditional redirection? What I want to do is authenticate users into our secure section, and then redirect them to a particular subdirectory based on group membership (htgroup). Presumably this would involve multiple htaccess files - one in each group's subdirectory - although I hope that it might be achievable with only one password prompt.

For a smooth user experience, what I am hoping to achieve is a single page along the lines of "blah blah blah, for entry to the secure section, click here" then a link to a page within the main secure directory (with the authentication htaccess), which the users probably never actually see as they would be automagically transferred to the appropriate subdirectory.

I can play with our htaccess ok but the server doesn't allow any scripts or "anything dynamic".

Thanks in advance for any help...

Sarah

[Randy]

Hi Sarah,

If I'm understanding your question correctly, it'll be something that is going to be basically impossible with just htaccess. It just doesn't play very well with regular expressions and conditionals.

It can however be done if you toss a bit of scripting into the mix.

Your server doesn't support any server side scripting languages like PHP or ASP?

[slm64]

Your server doesn't support any server side scripting languages like PHP or ASP?

No, no scripting. We had a choice of Windows server with ASP, or Linux without.

If scripting is the only way, what would be the implications of changing (the ones that they're not telling me about)? Windows anything is generally more prone to all sorts of unexpected behaviours, in my experience so far...

[Shane]

I've used Windows hosting for years and have been very happy with it. That said, if you're very familiar with Linux I think I'd stay there and look at some way to get PHP into the mix. You don't want to have to be learning Windows and ASP/ASP.NET on top of everything else.

[Randy]

No major security implications of installing PHP on a linux box. Might as well install MySQL as well while you're at it. Frankly, it's been a few years now since the last time I saw a *nix server that didn't have at least that much available.

I don't do Windows servers myself for various reasons. One of those being that 90% of the hack attempts on my *nix boxes are specifcally targetting known Windows securityy holes.

That said, as long as security is a top priority either is relatively safe. All you have to do is start off with a good plan and stay on top of any patch releases.

[slm64]

We are hosted externally, so ensuring that patches are applied promptly is beyond our immediate control. But, I have checked and the good news is that we can do limited PHP scripting after all.

That said, I've never attempted any so do you have some pointers you could share?

[Randy]

There are lots of php scripts out there freely available that will let you set up forwarding and manage htgroups. They're all pretty similar, in that they read the username that is input into a form, decide what htgroup the username belongs to, then forwards the user off to the appropriate area.

I haven't looked, but I'm sure that HotScripts.com has at least a couple of freebie scripts that'll accomplish the task. Just search in their PHP area for "htgroup" and it should pull up some options for you.

[slm64]

Thanks very much for your advice Randy, it is great to have people around who are willing to share their experience and resources so that the rest of us can learn too.

[Randy]

My pleasure Sarah.

That's what we're all here for.