我有一个使用Yii框架制作的网站。我已经将HTTP身份验证(基本)用于用户登录目的。它运行良好。身份验证后,它重定向到用户配置文件,但在www后的url中附加了https部分。例如。https://wwwhttps.example.com/directory/我也尝试过使用.htaccess删除https部分,但没有成功。这是我的.htaccess配置:
#Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
#Basic ldap authentication goes here ...
RewriteCond %{HTTP_HOST} ^wwwhttps'.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [R=301,QSA,NC,L]
登录控制器代码:
public function actionLogin()
{
$this->layout='//layouts/login_layout';
if(isset($_SERVER['REMOTE_USER']) && $_SERVER['REMOTE_USER']!='')
{
$username = $_SERVER['REMOTE_USER'];
$user = User::model()->findByAttributes(array('username'=>$username));
$ui = UserIdentity::impersonate($user->id);
if($ui)
Yii::app()->user->login($ui, 0);
$this->redirect(yii::app()->getBaseUrl(true).'/user/profile');
}
}
是因为基本身份验证还是其他原因?如果我不使用基本身份验证,它可以正常工作。。。。请帮帮我。提前感谢!!!
将.htaccessldap身份验证代码更改为,
RewriteCond %{HTTP_HOST} ^www'.(.*)$ [NC] RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [R=301,QSA,NC,L]
因此,整个htaccess将如下所示,
#Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
#Basic ldap authentication goes here ...
RewriteCond %{HTTP_HOST} ^www'.(.*)$ [NC] RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [R=301,QSA,NC,L]
@Ronit Adhikari:环境变量可能有问题。你应该检查一下。
我做对了,我必须在main.php中设置hostinfo和baseurl,因为我的webroot是公用文件夹中的目录:
request' => array(
'hostInfo' => 'https://www.example.com',
'baseUrl' => '/webroot',
),