Hello everyone, I am trying to write a rule to force redirection to https url, from an http rule. However the folder I want to use ssl for is also .htaccess password protected.
What I have now forces the password to be entered over an https connection, which I like:
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "mysite.com"
AuthName "My Secret Folder"
AuthType Basic
AuthUserFile /var/www/html/folder/.htpasswd
require user myuser
ErrorDocument 403 [
mysite.com...]
However, lots of people have bookmarked urls, and I have scripts that access the non-ssl site, with the password embedded into it (http://myuser:mypass@mysite.com/folder/...)
Is there anyway to require SSL, but not force people to login twice? Ultimately, if I could get the ErrorDocument seen above to reflect the url that just came in, that would provide the result I want:
User logs in to [
mysite.com...] is redirected to [
mysite.com...] before they enter the password ...
Thanks!
-sned
