httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43196] - Require statement not honored.
Date Wed, 29 Aug 2007 14:44:26 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43196>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43196





------- Additional Comments From rici@ricilake.net  2007-08-29 07:44 -------
(In reply to comment #12)
> (In reply to comment #11)

> So you are saying that the <Location /> "wins" over the .htaccess inside the
> directory because is merged last and the thing that we put inside the
> <Directory> an "AllowOverride All" does non count at all...

The .htaccess file is being read. It's just not being applied last, so the
<Location /> section can still override it's settings.

 
> The fact that mod_autoindex is not showing the files in any case is highly
> misleading. A non careful administrator could just stop there and conclude that
> "yes it's working". So either also mod_autoindex shows the files or also
> mod_authnz_ldap behaves as mod_autoindex. We cannot have to modules that work in
> so different way on a so crucial thing.

Yes, that is a problem, but it's not specific to mod_authnz_ldap. Any
access control, even mod_access, would have the same behaviour, as far as
I know. But I believe the basic problem is trying to use a <Location>
section with a filesystem-mapped site. If you'd used <Directory /> to set
defaults, it probably would have worked as expected.

> 
> Moreover this way the admin lose a lot of power on fine-grained access control
> and easiness of configuration.

I don't see why the use of a <Location> block is required to give fine-grained
access control.

> 
> But anyway those are just my opinions, on the other hand what is your advice?
> Just change the <Location /> for the root <Directory ...> and then specify
other
> Locations residing outside that directory if needed?

With the exception of changing Location to Directory in the last line, yes.
> Thanks
> Stefano



-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message