I can't figure out how to accomplish the following access permissions. - https://www.example.org/projects/ maps to /var/www/projects/- The projects folder has access restrictions, only valid-users may view /projects or subdirectories
- All valid-users may view (the autoindex of) /projects- By default, no one may view any subdirectory, unless it is explicitly enabled (e.g. by a "require group mygroup")
I attempted to accomplish this with:
<Directory "/var/www/projects/">
AuthName "My projects"
AuthType Digest
AuthDigestDomain /projects/ https://www.example.org/projects/
AuthDigestProvider file
AuthUserFile /etc/apache2/users.dav
AuthGroupFile /etc/apache2/groups.dav
Require valid-user
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory ~ "^/var/www/projects/$">
Allow from all
</Directory>
<Directory "/var/www/projects/myproject1/">
Allow from all
Require group mygroup1
</Directory>
The first and last Directory directive seem to work fine, but the middle
<Directory ~ "^/var/www/projects/$"> never seem to match. At least, I
get a 403 Forbidden when accesssing https://www.example.org/projects/.
If I replace this directive with a <Directory ~ "^/var/www/projects/"> (thus removing the $), I get a autoindex of /projects, but obviously also of subdirectories, which is not what I want.
I also tried <Directory ~ "^/var/www/projects$"> and <Location ~ "^/projects/$">, but that all gives a 403 Forbidden.
I have the feelings I'm missing something obvious here. I'm using Apache 2.2.9 on Debian Lenny.
How could I make this work? Regards, Freek Dijkstra --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|