Re: Don't require authentication on a subfolder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 2009-07-30 at 13:49 -0600, Scott Brady wrote:
> I'm trying to find a way to require authentication (using
> mod_auth_sspi)  on an entire website except for one specific folder,
> which I want freely accessible. However, I've been having issues
> getting that to work. I've tried setting SSPIAuth Off on the
> subfolder, but that didn't work. Is there something I'm missing?
> 
>  
> 
> Here’s the relevant part of my vhosts file entry for that site:
> 
>                 <Directory / >
> 
>                                 AuthName "Enter your login"
> 
>                                 AuthType SSPI
> 
>                                 SSPIAuth On
> 
>                                 SSPIAuthoritative Off
> 
>                                 SSPIDomain mydomain.lan
> 
>                                 SSPIOfferBasic On
> 
>                                 Require valid-user
> 
>                 </Directory>
> 
> # This is the folder I want freely accessible
> 
>                 <Directory /mySubFolder/ >
> 
>                                 SSPIAuth Off
> 
>                 </Directory>
> 
>  
> 
> Thanks!
> 
> -----------------------------------
> 
> Scott Brady
> 
> Lead Application Developer
> 
> Memolink, Inc.
> 

Do you understand the difference between <Directory> and <Location>?

<Directory> refers to a physical on disk directory, and the rules within
it are applied to any file served from within that directory, or
sub-directory. <Location> refers to the requested URL. 

In your example, with your first <Directory> you are restricting any
file loaded from the directory / or any subdirectory, which is, I'm
sure, not your intention. Your second <Directory> is then trying to
remove authentication, but it will only do it for files loaded from the
disk directory /mySubFolder/.

I'm pretty sure you just want <Location> containers rather than
<Directory>, like so:

<Location />
   # All your SSPI directives here
</Location>

<Location /public/>
  Allow from all
  Satisfy any
</Location>

Cheers

Tom


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux