Apache 2.4 表单 + mod_authn_dbd + socache = 405 方法不允许

tag-icon tag-icon apache-2.4
Apache 2.4 表单 + mod_authn_dbd + socache = 405 方法不允许

我已经绞尽脑汁一段时间了,有人能帮我看一下我的 conf 文件吗?它位于 /etc/httpd/conf.d/website.conf。我正在尝试保护 members.website.com。我希望人们登录 website.com/login 并缓存凭据。该网站是安全的;登录和注销工作正常,但不会加载任何内容。我只是收到以下错误。非常感谢您的帮助。

我的浏览器出现错误:
方法不允许
对于 URL /index.php 不允许请求的方法 GET。

/var/log/httpd/error_log 中的错误
AH01811:form-login-handler 仅支持 /index.php 的 POST 方法,referer:http://website.com/login/

DBDriver mysql
DBDParams "host=12.34.56.78 port=3306 user=db_username pass=db_PASSWORD dbname=db_database"
DBDMin  2
DBDKeep 4
DBDMax  10
DBDExptime 300

<VirtualHost *:80>
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/members.website.com/public_html
  ServerName members.website.com
    <Directory />
        AllowOverride All
        Options FollowSymLinks
    </Directory>

    <Location />
        SetHandler form-login-handler
        AuthFormLoginRequiredLocation "http://website.com/login"
        AuthFormLoginSuccessLocation "http://members.website.com"
        AuthFormProvider socache dbd
        AuthDBDUserPWQuery "SELECT cryptpass FROM member_table WHERE username = %s AND siteid = 1"
        AuthType form
        AuthName website-login
        Session On
        SessionCookieName session path=/
        SessionCryptoPassphrase secret1234
        AuthnCacheProvideFor dbd
        Require valid-user
    </Location>

    <Location /login>
        SetHandler form-login-handler
        AuthFormLoginRequiredLocation "http://website.com/login"
        AuthFormLoginSuccessLocation "http://members.website.com"
        AuthFormProvider socache dbd
        AuthDBDUserPWQuery "SELECT cryptpass FROM member_table WHERE username = %s AND siteid = 1"
        AuthType form
        AuthName website-login
        Session On
        SessionCookieName session path=/
        SessionCryptoPassphrase secret1234
        AuthnCacheProvideFor dbd
        Require valid-user
    </Location>

    <Location "/logout">
        SetHandler form-logout-handler
        AuthFormLogoutLocation "http://website.com/logged_out"
        Session On
        SessionMaxAge 1
        SessionCookieName session path=/
        SessionCryptoPassphrase dr41h85et4h89ewr4h9w8eh1et561jhe6541w4r1ywe
    </Location>

    <Directory "/var/www/members.website.com/public_html/administrator">
        AuthName "Member Admin Only"
        AuthType Basic
        Order deny,allow
        Deny from all
        Allow from 100.0.0.0/8
        Allow from 12.34.56.78
    </Directory>

登录表单 HTML

<form method="POST" action="http://members.website.com">
Username: <input type="text" name="httpd_username" value="" /><br />
Password: <input type="password" name="httpd_password" value="" /><br />
<input type="submit" name="login" value="Login" />
</form>

答案1

现在似乎可以正常工作了。虽然我不确定这是否经过了优化,也不确定如何测试 socache 是否正常工作,但我在日志中看到了用户名,错误也消失了。我修改了以下部分:

    <Location />
        AuthType form
        AuthName website-login
        AuthFormProvider dbd socache
        Session On
        AuthDBDUserPWQuery "SELECT cryptpass FROM member_table WHERE username = %s AND siteid = 1"
        SessionEnv On
        SessionCookieName session path=/
        SessionCryptoPassphrase secret
        Require valid-user
        AuthFormLoginRequiredLocation "http://website.com/login"
    </Location>

    <Location /login>
        SetHandler form-login-handler
        AuthFormLoginRequiredLocation "http://website.com/login"
        AuthFormLoginSuccessLocation "http://members.website.com"
        AuthFormProvider dbd
        AuthDBDUserPWQuery "SELECT cryptpass FROM member_table WHERE username = %s AND siteid = 1"
        AuthType form
        AuthName website-login
        Session On
        SessionCookieName session path=/
        SessionCryptoPassphrase secret
        AuthnCacheProvideFor dbd socache
        Require valid-user
    </Location>

相关内容