On 6/1/07, Liz Kim <lizkim270@xxxxxxxxx> wrote:
Hello, I have a question about multi-layered authentication. Say there are 3 directories A, B and C /A /A/B /A/B/C 1. Users with a login/password or on the <xxx.com > domain to be able to access A: <Directory /A> AuthUserFile a_passwd AuthType Basic Require valid-user order deny,allow deny from all allow from xxx.com Satisfy any </Directory> 2. ONLY users on domain <yyy.com> are allowed to B: <Directory /A/B> order deny,allow deny from all allow from yyy.com </Directory> 3. ONLY users on domain <zzz.com> are allow to C: <Directory /A/B/C> order deny,allow deny from all allow from zzz.com </Directory> It appears that both 2 and 3 are not working correctly. They still prompt for a login/password acting like a "Satisfy any"... When I tried to put "Satisfy All" for 2 and 3, even the users coming from an allowed domain are prompted for a login/passwd.
There is no way to turn require off once it is on. You can do Require non-existant-user in the subdirectories to make sure that nobody can every use a password to enter. But you'll still get the auth prompt. The only way around this would be to move the subdirectories to a different part of the filesystem, and then Alias them back into the proper place in the webspace. Then the auth directives wouldn't be inherited. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|