documentation:1.0:redirections

Redirections

When a user access a Handler without a cookie, he is redirected on portal, and the target URL is encoded in redirection URL (to redirect user after authentication process).

To encode the redirection URL, the will use some Apache environment variables and also configuration settings:

  • HTTPS: use https as protocol
  • Port: port of the application (by default, 80 for http, 443 for https)

These parameters can be configured in Manager, in General Parameters > Advanced parameters > Handler redirections.

These settings can be overriden per virtual host, see virtual host management.

Handler use the default Apache error code for the following cases:

  • User has no access authorization: FORBIDDEN (403)
  • An error occurs on server side: SERVER_ERROR (500)

These errors can be catch trough Apache ErrorDocument directive, to redirect user on a specific page:

# Common error page and security parameters
ErrorDocument 403 http://auth.example.com/?lmError=403
ErrorDocument 500 http://auth.example.com/?lmError=500

It is also possible to redirect the user without using ErrorDocument: the Handler will not return 403 or 500 code, but code 302 (REDIRECT).

The user will be redirected on portal URL with error in the lmError URL parameter.

These parameters can be configured in Manager, in General Parameters > Advanced parameters > Handler redirections:

  • Redirect on forbidden: use 302 instead 403
  • Redirect on error: use 302 instead 500