> -----Original Message----- > From: Boyle Owen [mailto:Owen.Boyle@xxxxxxx] > Sent: Monday, December 05, 2005 2:25 PM > To: users@xxxxxxxxxxxxxxxx > Subject: RE: [users@httpd] Auth problem with Location > Thank you Boyle ! > > -----Original Message----- > > From: Maurer, Hermann [mailto:Hermann.Maurer@xxxxxxx] > > Sent: Montag, 5. Dezember 2005 09:44 > > To: users@xxxxxxxxxxxxxxxx > > Subject: [users@httpd] Auth problem with Location > > > > > > Hello folks, > > > > I'd like to implement the following scenario: We have an > area, which > > must be accessible by everyone. There is an subfolder in > it, which has > > to be accessible by authorized users only. Below I noted the > > appropriate piece of httpd.conf for that: > > ---------------------------- > > <Location /myloc> > > Order Allow,Deny > > Allow from all > > </Location> > > > > <Location /myloc/confidential> > > Order Allow,Deny > > Allow from all > > AuthName "Confidentail Area, please login" > > AuthType Basic > > AuthUserFile /usr/local/apache/passwd/passwords > > Require valid-users > > </Location> > > ---------------------------- > > Unfortunately, it doesn't work. Still everybody can access the > > subfolder /myloc/confidential without any password dialogs. > I suppose, > > that the first Location block does have a higher priority, then the > > second one. > > No. Quite the reverse - the more specific Location/Directory > block takes precedence. This does not matter, I did try it. > > More likely, you have a "Satisfy any" directive somewhere at > a higher level (check the docs to see why this would be a problem...). I checked it one more time: I do not have the directive 'Satisfy..' in the config file. But it seems to be something like this (from http://httpd.apache.org/docs/2.0/sections.html section 'Webspace Containers'): ... The <Location> directive and its regex counterpart, on the other hand, change the configuration for content in the webspace. For example [added by Hermann Maurer: <Location /private>], the following configuration prevents access to any URL-path that begins in /private. In particular, it will apply to requests for http://yoursite.example.com/private, http://yoursite.example.com/private123, and http://yoursite.example.com/private/dir/file.html as well as any other requests starting with the /private string.... I understand it so, that the section <Location /myloc> overrides all the paths such /myloc/this, /myloc/that AND /myloc/confidential. Due to that the section <Location /myloc/confidential> is not used anymore. Is it right ? I experimented with that and found out, that if I use the following construction: <Location /myloc> Order Allow,Deny Allow from all AuthName "Restricted Area, please login" AuthType Basic AuthUserFile /usr/local/apache/passwd/restpasswd Require valid-users </Location> <Location /myloc/confidential> Order Allow,Deny Allow from all AuthName "Confidentail Area, please login" AuthType Basic AuthUserFile /usr/local/apache/passwd/confpasswd Require valid-users </Location> and call the url http://myserver/myloc/confidential then I'm asked for a password from /usr/local/apache/passwd/restpasswd and not for a one from /usr/local/apache/passwd/confpasswd. > > Rgds, > Owen Boyle > Disclaimer: Any disclaimer attached to this message may be ignored. > > PS - check the spelling of "Confidential".... It is correctly written. > > > > > Is it generally possible ? Should I use any LocationMatch > rules with > > regexp ? Can anybody give me an example for it ? Thank you ! > > > > Regards, > > Hermann Maurer > > > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|