Eric Covener wrote:
On Thu, Jan 15, 2009 at 9:09 AM, Brian Mearns <mearns.b@xxxxxxxxx> wrote:The only thing I can think of is reversing the orders of the Location tags, i.e., have the more global one come first.I know OP reported that this failed, but I think this is the route to pursue.
Did you try "AuthType none" in the sub-location ?I think I remember having this same kind of issue before, and to have found that the problem is that an authentication method is always "inherited" from the parent dir/location, unless specifically overridden by a new one.
I can think of a rather clumsy way of overcoming this, roughly as follows (not tried, but maybe worth a try).
Say you currently have something like this :
directory structure :
/var/www/docs/* (must stay protected)
/var/www/docs/unp/... (stuff to unprotect)
DocumentRoot /var/www/docs
<Location />
(protected)
</location>
<Location /unp>
(would like to unprotect, but currently does not work)
</Location>
Then you could change this as follows :
directory structure :
/var/www/docs/unp/* (stuff to unprotect)
/var/www/docs/prot/* (everything else, must stay protected)
and nothing in /var/www/docs itself apart from the above.
DocumentRoot /var/www/docs
RewriteCond %{REQUEST_URI} !^/unp/
RewriteRule ^/(.*)$ /prot/$1 [PT]
<Directory /prot>
AuthType Basic
....
</Directory>
<Directory /unp>
(no auth)
</Directory>
The idea would be to catch all requests not starting with "/unp/", and
re-writing these to "/prot/*". They would then fall under the later
Auth, while the /unp/ ones would not.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|