htaccess settings not working in combination with kerberos

Mark Jas | 2 May 2012 15:40

htaccess settings not working in combination with kerberos

Hi!

I have a vhost configured to use kerberos authentication against a windows AD. Authentication works great, but some of the settings in the .htaccess file are not working.

My apache version is 2.2.15.

My files directive and my rewriterule have no effect at all, while my php_flag and php_value settings are working!?

When I disable kerberos authentication, everything in the .htaccess works perfectly.

Here the relevant parts of the httpd.conf:

Options Indexes FollowSymLinks

AllowOverride All

Order allow,deny

Allow from all

</Directory>

ServerAdmin root <at> domain.local

DocumentRoot /var/www/html-prod/

ServerName itr01.domain.local

AuthType Kerberos

AuthName "KRB Login"

KrbAuthRealms DOMAIN.LOCAL

KrbServiceName HTTP

Krb5Keytab /etc/httpd/adm.keytab

KrbMethodNegotiate on

KrbMethodK5Passwd off

satisfy any

Order allow,deny

Allow from localhost 10.31.1.86

require valid-user

</Limit>

RewriteEngine on

ErrorDocument 401 "<html><meta http-equiv=\"refresh\" content=\"0;url=https://redirect.domain.local\"></html>"

</Location>

</VirtualHost>

Here the content of my /var/www/html-prod/.htaccess

DirectoryIndex index.php

Options FollowSymlinks

php_flag session.auto_start off

php_flag register_globals off

php_flag allow_call_time_pass_reference off

php_flag magic_quotes_gpc off

php_flag short_open_tag on

php_flag session.use_trans_sid off

php_value upload_max_filesize 50M

php_value post_max_size 50M

php_value error_reporting 8191

php_value max_input_time -1

</IfModule>

# Prevent different files from download

Order allow,deny

Deny from all

Satisfy All

</Files>

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f

RewriteRule . /index.php [L]

</IfModule>

With regards,

Mark Jas