From: Wolfram Schneider Date: Fri, 6 Jun 2014 10:53:12 +0000 (+0000) Subject: The service proxy auth URL shortcut may contain ;jsessionid= as part of the URL path... X-Git-Tag: 1.0.0~551 X-Git-Url: http://git.indexdata.com/?p=mkws-moved-to-github.git;a=commitdiff_plain;h=b1323a24d096fb12f46ad86108777a6118fd3861;hp=7f4b8bbaf1be2b6aa9d004ed37508b78106c8de7 The service proxy auth URL shortcut may contain ;jsessionid= as part of the URL path, MKWS-203 Note: jsessionid=... is not an URL parameter, it is before ?command --- diff --git a/tools/apache2/mkws-live b/tools/apache2/mkws-live index 379c07e..85335c2 100644 --- a/tools/apache2/mkws-live +++ b/tools/apache2/mkws-live @@ -16,10 +16,10 @@ RewriteLog /var/log/apache2/mkws-rewrite.log # Credential-hiding rewrite rules for standard MKWS account, testing account and various application accounts - RewriteRule /service-proxy-auth /service-proxy/?command=auth&action=login&username=mkws&password=mkws [P] # [NE,P] - RewriteRule /service-proxy-testauth /service-proxy/?command=auth&action=login&username=mkwstest&password=mkwstest [P] # [NE,P] - RewriteRule /service-proxy-credoauth /service-proxy/?command=auth&action=login&username=credo&password=emu [P] # [NE,P] - RewriteRule /service-proxy-kohaauth /service-proxy/?command=auth&action=check,login&username=kohademo&password=kohademo [P] + RewriteRule /service-proxy-auth(/)?(;jsessionid=.+)? /service-proxy/$2?command=auth&action=login&username=mkws&password=mkws [P] + RewriteRule /service-proxy-testauth(/)?(;jsessionid=.+)? /service-proxy/$2?command=auth&action=login&username=mkwstest&password=mkwstest [P] + RewriteRule /service-proxy-credoauth(/)?(;jsessionid=.+)? /service-proxy/$2?command=auth&action=login&username=credo&password=emu [P] + RewriteRule /service-proxy-kohaauth(/)?(;jsessionid=.+)? /service-proxy/$2?command=auth&action=check,login&username=kohademo&password=kohademo [P] # The following rule allows the server to accept service-proxy # requests that begin with an escaped "%3F" rather than a literal