0

I have siteminder protecting an Oracle ADF java faces app. It appears I am going to have to intercept an http reqeust for the logout link delivered by Oracle in order to kill the siteminder session. I have narrowed it down to a parameter in the URI logout=true always being present when a user is logging out. I would like mod_rewrite to find this string and redirect to a static logout page defined locally to the apache proxy.

Is this feasible?

organicit
  • 115
  • 6

2 Answers2

1
RewriteEngine on
RewriteCond %{QUERY_STRING} ^(.*)logout=true(.*)$
RewriteRule .* http://yourserver/your_static_uri [R,L]
Marco Bizzarri
  • 1,358
  • 1
  • 11
  • 11
  • 1
    He's looking for a redirect, so a `[R]` may be in order. – Shane Madden Aug 01 '11 at 05:02
  • Agreed; should I update the answer to reflect this? – Marco Bizzarri Aug 01 '11 at 05:03
  • Either way - I think it's a good answer as is, if he needs to tweak the behavior then he can probably figure it out from there. But, it's your answer, do what you see fit :). – Shane Madden Aug 01 '11 at 05:07
  • @Marco If I could rate this answer on a scale of 5 you would have max 4 -- it's definitely on right direction, but it may produce false redirects if query string will be somehow similar to a desired one. For example: `DOlogout=trueSound&kitten=yes`. I perfectly understand that such situation may never happen (but... who knows what query strings OP may use) .. therefore treat this comment as 1 more step to make the rule even better/more accurate (and we are not talking here about case sensitivity). – LazyOne Aug 01 '11 at 08:01
  • @LayOne: thanks for your suggestions on how to improve my answer; later I'll take a review of it and I'll try to improve it; besides, it could be optimized for sure, adding a few special cases that allow the regular expression engine to match quickly (like if the logout parameter is the last one, or the first one). – Marco Bizzarri Aug 01 '11 at 13:32
  • Per my question this answer is correct. I however need to use the REQUEST_URI instead since I need to make it more applicable to more than just the QUERY_STRING. For that I will take @Bahamat's advice and read up on this. – organicit Aug 08 '11 at 16:59
0

Yes.

RewriteEngine    On
RewriteCond      %{QUERY_STRING}=".*logout=true.*"
RewriteRule      .* /path/to/other/location

You should really read the mod_rewrite documentation. There's a lot you can do with it.

bahamat
  • 6,263
  • 24
  • 28
  • 1
    I think this would not work: RewriteRule, IIRC, just matches on the hostname/uri part, not on the query string. – Marco Bizzarri Aug 01 '11 at 05:00
  • Yup, the parameters after the `?` (the "query string" in apache's docs, which is terribly unhelpful wording in the context of a web server) is excluded from the matching pattern for `RewriteRule`. From the docs: `the part of the URL after the hostname and port, and before the query string (e.g. "/app1/index.html").` – Shane Madden Aug 01 '11 at 05:12
  • thanks much folks. was not leveraging the RewriteCond I will give it a shot and update. – organicit Aug 02 '11 at 19:09