Closed d7oc closed 1 year ago
The
RewriteRule
with[P]
didn't work here
did you install and enabled mod_proxy? https://httpd.apache.org/docs/current/rewrite/flags.html#flag_p
Yes mod_proxy was installed, but didn't work nevertheless.
Redirect is by definition wrong - the clients will not accept redirect - this has to be done via proxy.
brilliant - docs are different - https://doc.owncloud.com/server/next/admin_manual/configuration/user/oidc/oidc.html#set-up-service-discovery
need to take a closer look ..... Tuesday ...
I took a closer look meanwhile as well. Redirection is wrong indeed. Proxy could be working, but you have to switch on SSLProxyEngine
if Apache provides SSL as well (at least I found no way to circumvent this). It also feels kind of strange to let Apache proxy to itself, especially with SSL this is also an expensive operation as SSL re-/encoding happens three times with this proxy rule:
Client -> (here) Apache (here) -> (here) Apache
This makes no sense to me. So I also looked why I get a redirect even if I try to let Apache rewrite the rule which would make Apache doing the magic internally with:
RewriteRule "^/\.well-known/openid-configuration" "/index.php/apps/openidconnect/config" [L]
It turned out after some investigation, that the redirect comes from oC's php code, not from Apache. With the rewrite rule in Apache I end up here: https://github.com/owncloud/core/blob/843ef709fb7af08fef7b4a03b3cff92b6e5c5367/lib/base.php#L964
This triggers the redirect to index.php/login
.
When I check what happens if I use the proxy rule I see that we end up here: https://github.com/owncloud/core/blob/843ef709fb7af08fef7b4a03b3cff92b6e5c5367/lib/base.php#L928.
My question would be, why we can't handle the incoming rewritten Apache rule the same way like the proxy call?
Ping, any update?
It turned out after some investigation, that the redirect comes from oC's php code, not from Apache. With the rewrite rule in Apache I end up here: https://github.com/owncloud/core/blob/843ef709fb7af08fef7b4a03b3cff92b6e5c5367/lib/base.php#L964
This triggers the redirect to
index.php/login
.When I check what happens if I use the proxy rule I see that we end up here: https://github.com/owncloud/core/blob/843ef709fb7af08fef7b4a03b3cff92b6e5c5367/lib/base.php#L928.
My question would be, why we can't handle the incoming rewritten Apache rule the same way like the proxy call?
I just faced the same [L]
alone basically does nothing in Apache but triggers the php code as described by @d7oc
No idea why.
I could only make this whole thing work properly with the existing [P]
rule.
vote for closing this PR - redirecting is anyhow wrong ....
The
RewriteRule
with[P]
didn't work here, I had to use[R=301,L]
to make it work.Description
Related Issue
Motivation and Context
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Checklist:
Open tasks: