基于http状态码的重写

Question

apache中有任何方法可以根据您得到的http代码响应来设置重写条件吗？oauth代理(apache)前面的服务器将(302)重定向到我的auth提供程序；但是，我不希望它代理websocket目录中的任何内容--我希望它是403。这一切都是为了防止它不断尝试发布未经授权的数据，并为OpenIDC构建大量的状态cookie。

谢谢你的考虑。

就像这样：

RewriteEngine On
RewriteCond %{HTTP_HOST} ^my\.server\.co$
RewriteCond %{HTTP_RESPONSE} 302
RewriteCond %{REQUEST_URI}  ^/websocket
RewriteRule (.*) $1 [F,L,NC]

Answer 1

您应该能够使用：

<Location /websocket>
    OIDCUnAuthAction 401
</Location>

如配置原语中记录的这里所示：

# (Optional)
# Defines the action to be taken when an unauthenticated request is made.
# "auth" means that the user is redirected to the OpenID Connect Provider or Discovery page.
# "401" means that HTTP 401 Unauthorized is returned.
# "pass" means that an unauthenticated request will pass but claims will still be passed when a user happens to be authenticated already
# Useful in Location/Directory/Proxy path contexts that serve AJAX/Javascript calls and for "anonymous access"
# When not defined the default "auth" is used.
#OIDCUnAuthAction [auth|pass|401]

(它将返回401状态代码，而不是403)

Answer 2

其他解决方案

RewriteEngine on

ErrorDocument 403 /%{REQUEST_URI}/403.shtml
ErrorDocument 404 /%{REQUEST_URI}/404.shtml

RewriteCond %{REQUEST_URI} /([0-9]{3}+).shtml$ [NC]
RewriteRule (.*) $1 [R=%1,L]