httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <>
Subject Re: Some authorisation clarification
Date Wed, 29 Nov 2006 12:19:02 GMT
On Wed, 29 Nov 2006 10:46:20 +0200 (SAST)
"Graham Leggett" <> wrote:

> Basically I have a password protected URL space /, and a more specific
> differently protected URL space /bugzilla. No matter what config I
> try, it seems that the config for / always wins, and the config
> for /bugzilla is always ignored.

When the configuration is merged, the one that appears later in
httpd.conf overrides the other where there is conflict.

What Satisfy value are you using?

> - "AuthName Username" has no effect - the browser (FF) chooses a
> default realm which seems to be "Authorised Access Only", instead of
> "Username".

Sounds like something you omitted.

> - According to the docs, both AuthType and AuthName can only appear in
> Directory or .htaccess, but not Location. I cannot see any reason why
> basic auth should only work for physical files on the filesystem.
> Either way, using it in a Location tag does not throw any error.

The <Directory> context implies <Location> and <Files>.

Nick Kew

Application Development with Apache - the Apache Modules Book

View raw message