On Mon, Jan 19, 2009 at 4:58 PM, Sheldon Ross <sross@xxxxxxxxxxxx> wrote: > I can't seem to find information on using password authentication within > a <Location> tag. > > I've used .htaccess files in directories, but I'm using mod_jk to > connect to tomcat and a status worker, and would like to restrict access > to the status worker. There is no directory to put .htaccess in so how > would I accomplish this? > > I tried putting > AuthType Basic > AuthName "Private Area" > AuthUserFile /etc/apache2/htusers > Require valid-user > in the location tag, but it never prompts for user and password it just > says forbidden. > > Thanks > > Sheldon Your basic idea is correct, but you're probably missing something simple. To start, try adding the "Satisfy All" inside the location tag. If anything "above" the location has granted access without the password, and you have "Satisfy Any" hanging around, then it will let them in. Hope that helps, -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://pgp.mit.edu/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|