Re: Defining IPs in one place

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: Defining IPs in one place
From: "Liz Kim" <lizkim270@xxxxxxxxx>
Date: Tue, 6 Feb 2007 11:32:12 -0800
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
In-reply-to: <e498c1660702061109u26cf4816qffd92d3c244675fe@xxxxxxxxxxxxxx>
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
References: <3e9f0ea0702061035s45d83713p8602571bc4d2ffd9@xxxxxxxxxxxxxx> <e498c1660702061038x53704881ka3c7ce6545be00d2@xxxxxxxxxxxxxx> <3e9f0ea0702061043h36078215h50cc5340a12c700e@xxxxxxxxxxxxxx> <e498c1660702061109u26cf4816qffd92d3c244675fe@xxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

You're right. I did not even state the problem clearly. Here I go again:

There is a directory /A which includes all our private data. /A is protected by allow/deny.
We want to add the option to access /A with a login/password when they are not on one of the allowed IP's.
This requires "Satisfy any".

Under /A, there are various directories with all sorts of different protections.
For example, there is /A/B which has a password protection.
Currently, a user has to be on a apporved domain (defined by the allow/deny protection on /A) to even get to the login/password prompt.

It would be ideal to keep the protections on /A/* as they are, while updating the protection on /A.
However, it seems that adding "Satisfy any" on /A is disabling the protections on directories under /A.
For example, /A/B now needs to satisfy any of /A's list of IP's, /A's password or /A/B's password.

The only solution I see is to define independent protections on /A and /A/*
For example, /A would "Satisfy any" with a list of IP's and a password.
/A/B would "Satisfy all" with the list of the same IP's a different password.

Is there an easier solution anyone can think of??

Thanks!

On 2/6/07, Joshua Slive <joshua@xxxxxxxx> wrote:

On 2/6/07, Liz Kim < lizkim270@xxxxxxxxx> wrote:
> Thanks Joshua..
> I think the solution to my prob might be:
> Define the list of IP's/hostname I want to allowed into /A
> Then to a satisfy any on /A - define allowed IP's and the password A
> a satisfy all on /B - define the IP's again here and the password B
> It seems like this would be the only way to solve this problem..

To be frank, you've never properly identified the problem.  The above
description is full of typos and lacks any significant punctuation,
making it impossible to interpret.  So I have no idea what you want or
how you plan on implementing it.

Good luck anyway.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html > for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Follow-Ups:
- Re: Defining IPs in one place
  - From: Joshua Slive

References:
- Defining IPs in one place
  - From: Liz Kim
- Re: Defining IPs in one place
  - From: Joshua Slive
- Re: Defining IPs in one place
  - From: Liz Kim
- Re: Defining IPs in one place
  - From: Joshua Slive

Prev by Date: SV: Novice
Next by Date: unknown requests from localhost/127.0.0.1
Previous by thread: Re: Defining IPs in one place
Next by thread: Re: Defining IPs in one place
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux