I'm no expert, but I think.. 1. No 2. No 3. NA 4. What you're missing is that the url path in ScriptAlias matches from the start of the uri..it's not a substring match. For the authentication, I would THINK that the Location authentication would take effect, yes. For the script alias thing, you can probably get away with a regex using scriptaliasmatch ScriptAliasMatch ^/(dataentry|readonly)/cgi-bin/ /var/www/site1/cgi-bin/ -Tony ________________________________ From: André Warnier [mailto:aw@xxxxxxxxxx] Sent: Fri 27/02/2009 09:56 To: users@xxxxxxxxxxxxxxxx Subject: Alias/authentication precedence Hi. Apache 2.2 Suppose I have a VirtualHost configured (partially) such : DocumentRoot /var/www/site1/docs ScriptAlias /cgi-bin/ /var/www/site1/cgi-bin/ <Directory /var/www/site1/cgi-bin> Order Allow,Deny Allow from all SetHandler xxx ... </Directory> # Note : in the above directory is physically stored a script called "myscript.pl" <Location /dataentry> AuthType Basic AuthName dataentry ... Require user X </Location> <Location /readonly> AuthType Basic AuthName readonly ... Require valid-user </Location> and someone accesses this VHost via one of the URLs A) http://site1.company.com/dataentry/cgi-bin/myscript.pl?arg=x B) http://site1.company.com/readonly/cgi-bin/myscript.pl?arg=x 1) does the ScriptAlias above "match" URL (A) ? 2) does the ScriptAlias above (also) match URL (B) ? 3) if yes, is the authentication requirement in the corresponding <Location> section invoked first (or at all), or do the ScriptAlias and Directory "trump" the Location(s) ? 4) Am I missing something fundamental here ? Background : basically I want to know if I can have a single copy of script "myscript.pl" located under /var/www/site1/cgi-bin/, and invoke it in different ways submitted to different authentication/authorization criteria, leaving the script to figure out how it has been called (though the URL path component). Or if I need to duplicate the script as e.g. ScriptAlias /dataentry/cgi-bin/ /var/www/site1/cgi-bin/dataentry ScriptAlias /readonly/cgi-bin/ /var/www/site1/cgi-bin/readonly etc.. (corresponding Directory and AAA rules) Thanks --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
<<winmail.dat>>
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx