I have an Apache server that was initially set up for intranet access, so I didn't have to worry much about locking it down. Later on, I needed to open it up to the internet, so I put an LDAP authentication directive in the `<Directory "/var/www/html">` section of the httpd.conf like so:

```
Order allow,deny
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative on
AuthName "MyCompany Intranet"
AuthLDAPURL "ldap://myldapserver.mydom
AuthLDAPBindDN "CN=Administrator,CN=Users
AuthLDAPBindPassword "MyPassword"
Require valid-user
# Allow from all
Allow from 192.168.1
Allow from 10.254.0
Satisfy any
```

This basically made it so that local users could get in with no password, and external users had to authenticate against our ADS domain to get in.

Now things get more complicated. I have an app that I run that distinguishes between users by appending a CGI variable to the end of a URL, so I set up a .htaccess file in the root of my web directories (/var/www/html) as follows:

```
RewriteEngine on
RewriteBase /
RewriteRule ^foo/(.*)$ some/really/long/url/$1?te
RewriteRule ^bar/(.*)$ some/really/long/url/$1?te
```

This works really great. Clients type in http://myserver.mydomain.c

Here's where the problem comes in. I'd like to define *separate* authentication parameters for the /foo and /bar virtual directories. No matter what I try, the authentication is always overridden by the LDAP setup in my httpd.conf above. What am I doing wrong and what can I do to achieve my goal? Is it even possible?