Apache 2.2.4 with mod_ssl Can someone please confirm that the following is impossible using only certificates and SSLRequire. /Directory: only user 1 has access /Subdirectory to Directory: only user 2 has access The problem is that, one can either: b. give access to /Directory to user 1 with a SSLRequire expression that only user 1 can satisfy, but then user 2 cannot get access to /subdirectory, because the SSLRequire expression for /Directory gets passed down. or b. give access to /Directory for both users 1 and 2 with a SSLRequire expression, while a more restrictive expression can prevents access to /subdirectory for user 1. Neither of these alternatives is desirable. The idea is for each user to have access to only the directory or the subdirectory, but not both. The manual mentions that SSLRequire "is a very powerful directive because the requirement specification is an arbitrarily complex boolean expression containing any number of access checks," but I don't think it can handle this kind of differential, individual per-directory access -- but maybe my understanding of boolean logic is too limited. Thanks for any insight. Sincerely, Seth Chaiklin --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|