Re: [users@httpd] mod_auth_mysql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] mod_auth_mysql
From: paredes <paredes@xxxxxxxxxxxx>
Date: Wed, 19 Jul 2006 18:51:59 -0400
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
In-reply-to: <11BBAD2D3ADA85418C9E424CE164B29F029EDE5D@xxxxxxxxxxxxxxxxxxxxxxx>
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
References: <11BBAD2D3ADA85418C9E424CE164B29F029EDE5D@xxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.4 (Macintosh/20060530)

Greetings Michael!

What should work is the following:

<Directory /var/www/localhost/htdocs>

deny from all
allow from 10.0.0.72

AuthName "MailSource UK Intranet Zone, authentication required"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLEnable on
AuthMySQLUser xxxxxxx
AuthMySQLPassword xxxxxxx
AuthMySQLDB auth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
Require group user admin

satisfy any

</directory>

William Paredes
Computer Based education
Albert Einstein College of Medicine
Bronx, New York USA


Michael Luff wrote:


Hi Elaine,

Many thanks for the help, I’ve now got:

<Directory /var/www/localhost/htdocs>

AuthName "MailSource UK Intranet Zone, authentication required"

AuthType Basic

AuthMySQLHost localhost

AuthMySQLEnable on

AuthMySQLUser xxxxxxx

AuthMySQLPassword xxxxxxx

AuthMySQLDB auth

AuthMySQLUserTable users

AuthMySQLNameField user_name

AuthMySQLPasswordField user_passwd

AuthMySQLGroupTable groups

AuthMySQLGroupField user_group

# This next line controls which group(s) can access the resource

AllowOverride none

Require group user admin

Order allow,deny

Allow from 10.0.0.72

Satisfy Any

</Directory>

But now anyone can access it, not just the IUP address I’ve specified!I can’t seem to get around this all or nothing problem.


Can you see anything I’ve done wrong?

Regards,

Michael.

*From:* elaine [mailto:elaine@xxxxxxxxxxxxxxxx]
*Sent:* 19 July 2006 13:49
*To:* users@xxxxxxxxxxxxxxxx
*Subject:* Re: [users@httpd] mod_auth_mysql

Michael,

Try to use the "allow" and "satisfy" directives.
This is an example, that we use to protect our intranet access :

(Note that the IP's and server name were modified, and we use the denydirective

to refuse connections from reception kiosk.)

<Limit GET PUT POST>

# Allow access only to authenticated users from MySQL
# or users that are in the intranet
# (except IP xx.xx.xx.xx : reception kiosk)

require valid-user
Order allow,deny
Deny from xxx.xxx.xx.x

# Allow access from our internal network without
# username and password

Allow from example.com

Satisfy any
</Limit>


You can read more details about Satisfy directive :

http://httpd.apache.org/docs/2.2/mod/core.html#satisfy

Regards,
Elaine

Michael Luff wrote:

Hi All,

I’ve got mod_auth_mysql working nicely but I would like the users onmy internal network not to have to enter a username and password, justpeople accessing from outside.

I’ve tried various solutions using Order deny,allow; allow from and soforth but with no luck, I end up with everyone being prompted or no-one.

Here’s my unmodified <Directory> command from my httpd.conf thatrequires everyone to supply a password, can anyone suggest how I canmodify it to allow access from 10.0.0?


<Directory /var/www/localhost/htdocs>

AuthName "authentication required"

AuthType Basic

AuthMySQLHost localhost

AuthMySQLEnable on

AuthMySQLUser xxxxxx

AuthMySQLPassword xxxxxxx

AuthMySQLDB auth

AuthMySQLUserTable users

AuthMySQLNameField user_name

AuthMySQLPasswordField user_passwd

AuthMySQLGroupTable groups

AuthMySQLGroupField user_group

# This next line controls which group(s) can access the resource

require group user admin

</Directory>

Regards,

*Michael Luff** *MSc B.Eng (Hons) MIET*
**Facilities & Systems Manager *

T: +44 (0)20 8614 7604
F: +44 (0)20 8614 7601
M: +44 (0)7976 404956
E: Michael.luff@xxxxxxxxxxxxxxxx <mailto:Michael.luff@xxxxxxxxxxxxxxxx>

*MailSource UK Limited *

- Europe's leading specialist in integrated document delivery solutions

- Holders of the RoSPA Health & Safety Gold Medal 2006/2007

Northumberland House

15 Petersham Road

Richmond-upon-Thames

Surrey TW10 6TP

*www.mailsource.co.uk <http://www.mailsource.co.uk/>*

*MailSource UK Limited *

- Europe's leading specialist in integrated document delivery solutions

- Holders of the RoSPA Health & Safety Gold Medal 2006/2007

Northumberland House

15 Petersham Road

Richmond-upon-Thames

Surrey TW10 6TP

*www.mailsource.co.uk <http://www.mailsource.co.uk/>*



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

References:
- RE: [users@httpd] mod_auth_mysql
  - From: Michael Luff

Prev by Date: Re: [users@httpd] help with rewrite rule
Next by Date: [users@httpd] SSI includes on .jsp pages
Previous by thread: RE: [users@httpd] mod_auth_mysql
Next by thread: RE: [users@httpd] mod_auth_mysql
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]