i'm trying to setup something which seems like it should be quite simple, underneath a hierachry which is protected via htpasswd digest auth i'd like to also allow unauthenticated access from inside our intranet. this task is complicated by the fact that our proxy setup makes all requests look like internal requests with respect to REMOTE_ADDR. HTTP_CLIENT_IP, however, correctly reflects the originator. my .htaccess looks like this: SetEnvIfNoCase Client-Ip ^123\.456 INTRANET=123.456 AuthType Digest AuthName "eog-nrt" AuthDigestFile /eog/nrt/www/htpasswd Require valid-user #Allow from env=INTRANET #Satisfy Any IndexOrderDefault Descending Date AddDescription "DMSP Archive" *.d.tgz this works insomuch as that the environment var INTRANET is indeed set only for intranet requests. if i un-comment the above commented lines Allow from env=INTRANET Satisfy Any the __all__ requests, whether authenticated or not, intranet based or not, are allowed? does this make sense? i'm sure that is based on a mis-understanding on my part about Order/Allow/Deny, but i'm sure what i'm trying to do should be possible solely from this .htaccess file. thoughts? ps. any thoughts on why 'Allow from x.x.x.x' uses REMOTE_ADDR and not HTTP_CLIENT_IP? kind regards. -a -- if you want others to be happy, practice compassion. if you want to be happy, practice compassion. -- the dalai lama --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|