I am trying to automatically log in users to an Xwiki install via basic auth. This is because help is stored in the wiki, but we want the retrieval process to be transparent to the user.
We push the user off to a url (via an <a>
tag) like:
http://username:[email protected]/xwiki/bin/view/Main?basicauth=1
This works fine in every browser except Internet Explorer (see: http://support.microsoft.com/kb/834489
. Unfortunately, 80% of our user base uses Internet Explorer and it is not an option to have them type in the credentials manually.
Currently, we have IIS 7.5 sitting in front of Xwiki and proxying all requests to the Tomcat instance on another server. This works fine. To solve my problem, I thought I could use a IIS rewrite rule to turn a url like this:
http://xwiki.example.org/xwiki/bin/view/Main?basicauth=1&_username=username&_password=password
into this:
http://username:[email protected]/xwiki/bin/view/Main?basicauth=1&_username=username&_password=password
The idea being that IIS would substitute the _username/_password querystring parameters into the URL and pass it off to Tomcat, and Xwiki would ignore the extra parameters.
I have created a URL rewrite rule like:
<rule name="BasicAuthRewrite" enabled="true">
<match url="https?://(.+)&?_username=(.+)&_password=(.+)" />
<action type="Rewrite" url="http://{R:2}:{R:3}@xwiki.example.org/{R:1}" />
</rule>
When I go 'Test pattern' in IIS and supply my url, all the backreferences ({R:x}) match up to the data I want. However, when I visit the URL in my browser, the rewrite rule fails to invoke.
Is there any way I can achieve my desired behaviour?
url rewriting - IIS Rewrite rule is stored in XML file that is deleted upon Web Publish - Stack Overflow. Stack Overflow for Teams – Start collaborating and sharing organizational knowledge.
Rewrite rules is a powerful feature in IIS. Common tasks like redirecting www to non-www (or the other way around), implementing canonical URLs, redirecting to HTTPS, and similar tasks are documented right there in your Web. config file.
It is possible to do Basic authentication with URL rewrite on IIS. You should add the server variable HTTP_Authorization the value Basic followed by the username:password in base64. Remember to add the variable in the allowed variables
So for the user Aladdin with the password open sesame you the format would be Aladdin:open sesame and base64 encoded QWxhZGRpbjpvcGVuIHNlc2FtZQ==.
Which translates into Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
<rule name="SomeName" stopProcessing="true">
<match url="url/to/match" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Rewrite" url="http://www.redirecturl.com/" appendQueryString="true" />
<serverVariables>
<set name="HTTP_Authorization" value="Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" />
</serverVariables>
</rule>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With