On Thu, Jan 15, 2009 at 8:51 AM, Jan Hoskens <jan.hoskens@xxxxxxxxx> wrote: > Hi all, > > After some digging in the Apache docs I managed to come up with the > following configuration snippet to secure my whole server excluding one > directory: > > <Location /proxyserver> > Order deny,allow > Allow from all > Satisfy any > ProxyPass http://someproxyserver.com > ProxyPassReverse http://someproxyserver.com > </Location> > > <Location /> > AuthType Basic > AuthName "myserver" > AuthUserFile /path/to/userfile > AuthGroupFile /path/to/groupfile > Require group mygroup > </Location> > > Now for some reason the "/proxyserver" location still asks for a > user/password, but allows entry nonetheless. I get a pop-up three times > which I can just cancel and then I can access the page. > > Any idea how to avoid this? I need to access that location > programmatically and I get confronted with an authorization which I > don't want to handle in my code... > > Kind Regards, > Jan > The only thing I can think of is reversing the orders of the Location tags, i.e., have the more global one come first. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://pgp.mit.edu/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx