Hi all, I have a vhost where SSPI authentication is enabled (if the corresponding module is loaded and a variable is defined). So far, so good. However, depending on the existence of certain subdirectories, I need to disable authentication in those directories (htaccess files in subdirectories are not currently an option). Unfortunately that does not seem to work correctly :( My vhost configuration looks like this (httpd 2.4.43 on windows): <VirtualHost *:12000> ServerAdmin admin@host DocumentRoot "${D_DOCUMENTROOT}/vhost1" ServerName localhost <Directory "${D_DOCUMENTROOT}/vhost1"> Options -Indexes </Directory> <IfModule mod_authnz_sspi.c> <IfDefine ENABLESSO> <Directory "${D_DOCUMENTROOT}/vhost1"> AuthName "${SSODOMAIN}" AuthType SSPI SSPIAuth On SSPIAuthoritative On SSPIOfferBasic On require valid-user Options -Indexes </Directory> <IfFile !"${D_DOCUMENTROOT}/vhost1/legacy_dir"> <IfFile "${D_DOCUMENTROOT}/vhost1/myApp1/"> <Directory "${D_DOCUMENTROOT}/vhost1/myApp1/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> <IfFile "${D_DOCUMENTROOT}/vhost1/myApp2/"> <Directory "${D_DOCUMENTROOT}/vhost1/myApp2/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> <IfFile "${D_DOCUMENTROOT}/vhost1/myApp3/"> <Directory "${D_DOCUMENTROOT}/vhost1/myApp3/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> </IfFile> <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir"> <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/"> <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/"> <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/"> <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/"> SSPIAuth Off Allow From All Satisfy Any </Directory> </IfFile> </IfFile> </IfDefine> </IfModule> ErrorLog "logs/error/vhost1-error.log" CustomLog "logs/vhost1-access-[%Y-%m].log" common </VirtualHost> Any clues why it's not working? Or any suggestions for a different approach? Thank you. Andrea |