Conditionally disable authentication in subdirectories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

 

I have a vhost where SSPI authentication is enabled (if the corresponding module is loaded and a variable is defined). So far, so good.

However, depending on the existence of certain subdirectories, I need to disable authentication in those directories (htaccess files in subdirectories are not currently an option).

Unfortunately that does not seem to work correctly :(

 

My vhost configuration looks like this (httpd 2.4.43 on windows):

 

<VirtualHost *:12000>

                ServerAdmin admin@host

                DocumentRoot "${D_DOCUMENTROOT}/vhost1"

                ServerName localhost

               

                <Directory "${D_DOCUMENTROOT}/vhost1">

                               Options -Indexes

                </Directory>

               

                <IfModule mod_authnz_sspi.c>

                               <IfDefine ENABLESSO>

                                               <Directory "${D_DOCUMENTROOT}/vhost1">

                                                               AuthName "${SSODOMAIN}"

                                                               AuthType SSPI

                                                               SSPIAuth On

                                                               SSPIAuthoritative On

                                                               SSPIOfferBasic On

                                                               require valid-user

                                                               Options -Indexes

                                               </Directory>

 

                                               <IfFile !"${D_DOCUMENTROOT}/vhost1/legacy_dir">

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/myApp1/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/myApp1/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/myApp2/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/myApp2/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/myApp3/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/myApp3/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                               </IfFile>

 

                                               <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir">

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                                               <IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">

                                                                               <Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">

                                                                                              SSPIAuth Off

                                                                                              Allow From All

                                                                                              Satisfy Any

                                                                               </Directory>

                                                               </IfFile>

                                               </IfFile>

                               </IfDefine>

                </IfModule>

               

                ErrorLog "logs/error/vhost1-error.log"

                CustomLog "logs/vhost1-access-[%Y-%m].log" common

</VirtualHost>

 

 

Any clues why it's not working? Or any suggestions for a different approach?

Thank you.

 

Andrea


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux