httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: authorization question
Date Fri, 10 May 2002 14:56:52 GMT
On Fri, 10 May 2002, Darryl Cook wrote:
> Inside the httpd.conf file I have a directory section for
> /usr/local/etc/httpd/htdocs/u/students which requires a password.  This
> works fine except for the case where you put in a browser
> httpd://server/~student-name.  It bypasses the password and lets you
> right in.  If I put in httpd://server/students/student-name it requires
> a password.
>
> Question:  How do I require the password for the ~student-name entry?
> (without using .htaccess)

There are a couple important details missing, but I should still be
able to give some suggestions.  The main reason you are facing a problem
is that you are mixing symlinks with multiple URLs accessing the same
content.  This can certainly get you into trouble.

My first suggestion would be to change your UserDir to
UserDir /usr/local/etc/httpd/htdocs/u/students

This would assure that all requests to the user directories go through
the symbolic links, rather than some going through the links, and some
going directly.

Second, assuming your user directories live under /home/students (or
something similar, you could use something like

<Directory /home/students/*/public_html>
# repeat the same auth directives as for
# /usr/local/etc/httpd/htdocus/u/students
</Directory>

Joshua.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message