# make HTTP Basic Authentication work on cgi installs
<IfModule mod_fcgid.c>
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    <IfModule mod_setenvif.c>
        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
    </IfModule>
    <IfModule mod_version.c>
        <IfVersion >= 2.4.0>
            CGIPassAuth on
        </IfVersion>
    </IfModule>
</IfModule>
<IfModule mod_fastcgi.c>
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    <IfModule mod_setenvif.c>
        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
    </IfModule>
    <IfModule mod_version.c>
        <IfVersion >= 2.4.0>
            CGIPassAuth on
        </IfVersion>
    </IfModule>
</IfModule>
#<IfModule mod_cgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>
#<IfModule mod_fcgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>
#<IfModule mod_scgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>
#<IfModule mod_proxy_fcgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>
#<IfModule mod_proxy_scgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>
#<IfModule mod_proxy_cgi.c>
#    RewriteCond %{HTTP:Authorization} .
#    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#    <IfModule mod_setenvif.c>
#        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
#        SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
#        SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1
#    </IfModule>
#    <IfModule mod_version.c>
#        <IfVersion >= 2.4.0>
#            CGIPassAuth on
#        </IfVersion>
#    </IfModule>
#</IfModule>

<ifModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} -s [OR]
    RewriteCond %{REQUEST_FILENAME} -l [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^.*$ - [NC,L]
    RewriteRule ^[soap|Soap|SOAP]+/(.*)$ soap.php/$1 [QSA,L]
    RewriteRule ^[portal|PORTAL|Portal]+/(.*)$ Portal.php/$1 [QSA,L]
    RewriteRule ^[auth|Auth]+/([^/]+)$  index.php?module=Auth&key=$1 [L]
    RewriteRule ^[auth|Auth]+/([^/]+)+/$  index.php?module=Auth&key=$1 [L]
    RewriteRule ^[auth|Auth]+/([^/]+)/([^/]+)$  index.php?module=Auth&login=$1&password=$2 [L]
    RewriteRule ^[auth|Auth]+/([^/]+)/([^/]+)+/$  index.php?module=Auth&login=$1&password=$2 [L]
    RewriteRule ^([^/]+)/([0-9]+)/([a-zA-Z0-9]{32})$  index.php?module=$1&id=$2&token=$3 [L]
    RewriteRule ^([^/]+)/([0-9]+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&id=$2&token=$3 [L]
    RewriteRule ^([^/]+)/criteria/([^/]+)/([a-zA-Z0-9]{32})$  index.php?module=$1&token=$3&criteria=$2 [L]
    RewriteRule ^([^/]+)/criteria/([^/]+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&token=$3&criteria=$2 [L]
    RewriteRule ^([^/]+)/criteria/([^/]+)/(.+)/([a-zA-Z0-9]{32})$  index.php?module=$1&token=$4&criteria=$2&params=$3 [L]
    RewriteRule ^([^/]+)/criteria/([^/]+)/(.+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&token=$4&criteria=$2&params=$3 [L]
    RewriteRule ^([^/]+)/picklist/([^/]+)/([a-zA-Z0-9]{32})$  index.php?module=$1&token=$3&picklist=$2 [L]
    RewriteRule ^([^/]+)/picklist/([^/]+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&token=$3&picklist=$2 [L]
    RewriteRule ^([^/]+)/picklist/picklistdep/([^/]+)/([a-zA-Z0-9]{32})$  index.php?picklistdep=1&module=$1&token=$3&picklist=$2 [L]
    RewriteRule ^([^/]+)/picklist/picklistdep/([^/]+)/([a-zA-Z0-9]{32})+/$  index.php?picklistdep=1&module=$1&token=$3&picklist=$2 [L]
    RewriteRule ^([^/]+)/action/([^/]+)/(.+)/([a-zA-Z0-9]{32})$  index.php?module=$1&action=$2&token=$4&params=$3 [L]
    RewriteRule ^([^/]+)/action/([^/]+)/(.+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&action=$2&token=$4&params=$3 [L]
    RewriteRule ^([^/]+)/(.+)/([a-zA-Z0-9]{32})$  index.php?module=$1&token=$3&params=$2 [L]
    RewriteRule ^([^/]+)/(.+)/([a-zA-Z0-9]{32})+/$  index.php?module=$1&token=$3&params=$2 [L]
    RewriteRule ^([^/]+)/([^/]+)$  index.php?module=$1&token=$2 [L]
    RewriteRule ^([^/]+)/([^/]+)+/$  index.php?module=$1&token=$2 [L]
    RewriteRule ^[API]+/(.*)$ Api.php/$1 [QSA,L]
    Options -Indexes
    Options +FollowSymlinks
</IfModule>

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Headers: "Authorization"
</IfModule>

# Disable mod_security
<ifmodule mod_security.c>
    SecFilterEngine off
    SecFilterScanPOST off
</ifmodule>