This module uses token based authentication to secure downloads and prevent deep-linking. Have your script or servlet generate a token to authenticate the download and let Apache handle the file transfer without having to pipe it through a script for security.
Apache License 2.0
0
stars
0
forks
source link
mod_auth_token fails to work properly with ProxyPass and RewriteRule directives #16
Here are 2 configuration snippets that currently fail to work with
mod_auth_token:
<Location /protected/>
AuthTokenSecret "secret"
AuthTokenPrefix /protected/
AuthTokenTimeout 3600
ProxyPass http://127.0.0.1:8000/
</Location>
<Location /protected/>
AuthTokenSecret "secret"
AuthTokenPrefix /protected/
AuthTokenTimeout 3600
RewriteRule ^(.*)$ http://127.0.0.1:8000/$1 [P,F]
</Location>
The issue is that mod_auth_token currently asks to be slotted before mod_alias,
but not before other modules.
The attached patch just also adds mod_rewrite and mod_proxy to the list of
modules that should run after mod_auth_token.
PS, I've taken the liberty of renaming aszPost to aszSucc as this is seems to
be the standard for the apache 2.2 code base. Feel free to remove this change
if you do not like it.
Original issue reported on code.google.com by remi.car...@smartjog.com on 17 Jan 2011 at 3:52
Original issue reported on code.google.com by
remi.car...@smartjog.com
on 17 Jan 2011 at 3:52Attachments: