[nycbug-talk] apache auth allow,deny with condition...
michael
lists at genoverly.net
Tue Jul 11 09:31:31 EDT 2006
On Tue, 11 Jul 2006 09:08:23 -0400
"George Georgalis" <george at galis.org> wrote:
> On Mon, Jul 10, 2006 at 07:41:02AM -0400, wrote:
> >George Georgalis wrote...
> >> I'm trying to setup a domain that uses Basic Auth for everything
> >> but a few items, and no auth for them. I'd like the mod_dir
> >> DirectoryIndex to work for DocumentRoot, but any other page to
> >> require a valid-user.
> >
> >[snip] I trid to do the same things once, have auth required for
> >all parts of a website except one directory, I played with
> >httpd.conf until my eyes bled, but still could'nt figure it out.
> >I don't have anything useful to contribute, but if you get an answer,
> >I'd love to hear what it is.
>
> After posting to several lists, including
> apache-users, that was the only response I got.
>
> basically apache combines all the access rules in
> the path of a given url; where a parameter is set
> multiple times, last setting wins and there is no
> way to remove access requirements.
>
>
> So I fixed it by making /errordocs, /templates and
> pretty much everything under / available without
> restriction. Then I added an /accounts location
> container and require valid-user for access with an
> AuthUserFile of /dev/null, beneath that each account
> specifies it's own AuthUserFile.
>
> So the DocumentRoot presents some instructions,
> anybody descending /accounts will need to auth
> against /dev/null or a client auth file, in other
> words, get the auth required error page unless they
> get a proper url _and_ password.
>
> // George
>
>
As you found, use different trees for different perms. This is the
physical (on disk) structure, your web can appear seemless to the uer.
`-- conf
`-- htdocs <= open
|-- www1.domain.tld <= open
| `-- htpass_pages
| `-- other directory
| `-- other directory
| `-- open_pages
| `-- other_directory
| `-- other directory
| `-- other_htpass_pages
| `-- other directory
| `-- other directory
|-- www2.domain.tld <= open
| `-- htpass_pages
| `-- other directory
| `-- other directory
| `-- open_pages
| `-- other_directory
| `-- other directory
| `-- other_htpass_pages
| `-- other directory
| `-- other directory
`-- logs
--
Michael
--
Michael
More information about the talk
mailing list