Re: Don't require authentication on a subfolder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Scott Brady wrote:
That worked (I had to put the "/public/" before the "/" 

and remove the trailing slash in "/public/", but it worked).



Just to nitpick a bit :
The fact that you are using mod_SSPI leads me to believe you are running Apache on a Windows host. 
In that case, you should read this document carefully :

http://httpd.apache.org/docs/2.2/mod/core.html#location

and particularly reflect on this paragraph :
<Location> sections operate completely outside the filesystem. This has several consequences. Most importantly, <Location> directives should not be used to control access to filesystem locations. Since several different URLs may map to the same filesystem location, such access controls may by circumvented. 

What that means is explained more completely here :

http://httpd.apache.org/docs/2.2/sections.html

in the section "What to use When".

If that is still not entirely clear, here is a summary :
- the Windows filesystem, in terms of locatiing directories and filenames, is case-insensitive. In other words, "/dir" and "/DIR" and "/Dir" all lead to same place. - the Apache <Location> directive applies to the URL, and IS case-sensitive. In that case, "/public" and "/PUBLIC" are 2 different URLs. 

So your section
<Location /public>
applies only to browser requests that come in as "http://yourhost/public";. It does not apply if a request comes as "http://yourhost/PUBLIC";, although for both URLs, Apache will server the content of the same disk directory.
In your specific case, it does not really matter, because your intention is to release the security for your "public" directory, compared to the rest of the site. 
But don't do the same for a "secret" part of your site.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux