On 4/26/05, Frank McCreedy <frankm@xxxxxxxxxxx> wrote:
> First, I apologize if I break any etiquette for messages, this is my first
> message.
>
> What I am trying to do, is restrict access to a location based on
> parameters embedded in a URL as shown below. The first location just
> requires a valid user, the second requires a user in the admin group. It
> doesn't seem to work like I would think it would. Is this even possible
> to do or do I have to make a completely different URL?
>
> <Location /servlet/MyServlet>
> SSLRequireSSL
> AuthType Basic
> AuthName "Area 1"
> AuthUserFile c:/apache/users/users.txt
> require valid-user
> </Location>
>
> <Location /servlet/MyServlet?type=admin>
> SSLRequireSSL
> AuthType Basic
> AuthName "Area 2"
> AuthUserFile c:/apache/users/users.txt
> AuthGroupFile c:/apache/users/groups.txt
> require group admin
> </Location>
In general, no you can't do that. <Location> will not look at the query string.
If you really need, you can hook something up with mod_rewrite, as in
RewriteEngine On
RewriteCond %{QUERY_STRING} type=admin
RewriteCond %{LA-U:REMOTE_USER} !some-condition
RewriteRule /servlet/MyServlet - [F]
That will kill the request if the user does not match the regex
"some-condition". You could use a RewriteMap to look up the user in a
groups-type file.
But now we are getting pretty complicated.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|