I need protect a rails application. I have the application in a
virtual host(see below) in their configuration I used Auth* directives
but don't work fine.It ask for the user/pass but If I cancel it show the
page without images, css, ... (all hosted in public directory).
How I can protect all my application?
Thanks!
=======================
virtual host config file:
<Proxy balancer://foobar_cluster>
BalancerMember http://127.0.0.1:7995
</Proxy>
# Setup the VirtualHost for your Rails application
<VirtualHost *:80>
ServerAdmin webm...@foobar.com
ServerName foobar.com
ServerAlias *.foobar.com
DocumentRoot /home/foobar/current/public
<Directory '/home/foobar/current/public'>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AuthType Basic
AuthName "Realm..."
AuthUserFile /usr/local/apache2/conf/.passwd_web
Require valid-user
</Directory>
# Not supported on Mac OS X.
EnableSendfile On
# Allow Rails to delegate the service of static resources.
XSendFile on
XSendFileAllowAbove on
# Setup your Rewrite rules here
RewriteEngine On
# This rewrites all dynamic requests to /system/maintenance.html if that
# file exists, this file is created by Capistrano's disable task.
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
# Rewrite to check for Rails cached page, we don't use caches at this
moment
# RewriteRule ^([^.]+)$ $1.html [QSA]
# Redirect all non-static requests to the cluster.
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://foobar_cluster%{REQUEST_URI} [P,QSA,L]
# Compress common non-binary content.
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
application/x-javascript
# Error logs
ErrorLog "|/usr/local/apache2/bin/rotatelogs
/usr/local/apache2/logs/foobar_error_log_%Y%m%d 86400"
CustomLog "|/usr/local/apache2/bin/rotatelogs
/usr/local/apache2/logs/foobar_access_log_%Y%m%d 86400" combined
env=!dontlog
#Fix for Apache bug 39499
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
</VirtualHost>