Problem
By default crowd root (/)
requests go a landing page that provides a link to setting up crowd, a few demo applications (which outlines using Crowd with OpenID etc.). I'd prefer not to have this landing page publicly accessible.
Solution
One way around this is to simply redirect all traffic NOT to the /crowd/
context to the /crowd/
context. So, any traffic to /
or /openidserver/
will get redirected to the proper crowd application login. You can do this using your preferred web server (Apache, nginx, ...).
I use Apache2 and outline it's use specifically for Atlassian web apps here. Below is part of my VirtualHost config for Crowd, with the redirect enabled
<VirtualHost *:443> ServerName crowd.jaytaala.com ProxyRequests Off ProxyVia Off ProxyPreserveHost On RewriteEngine On RewriteCond %{REQUEST_URI} !^/crowd/ [OR] RewriteCond %{REQUEST_URI} about.jsp$ RewriteRule ^(.*)$ http://127.0.0.1:8095/crowd/ [P,L] ProxyPass / http://127.0.0.1:8095/ ProxyPassReverse / http://127.0.0.1:8095/ ... </VirtualHost>
Lines 8-11 show the rewrite rule that is used to redirect traffic to the /crowd/
context.
Line 10 will also redirect the about.jsp
page back to the main login page. I prefer to keep everything locked down and not accessible publicly, including the about page with information about versions etc.
References
Related articles