httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: .htaccess - how to make reference to multiple AuthUserFile
Date Mon, 05 Aug 2002 08:38:42 GMT
>From: GEOK TING TAN [mailto:TAN_GT@klse.com.my]
>
>I am running Apache 1.3.26 on Solaris 2.8.  I am using 
>.htaccess file to authenticate users when they access the home 
>pages.  Different password files are created to allow userID 
>and password adminstration by different personnel.
>
>I have created a .htaccess file under a directory :
>
>AuthUserFile /opt/httpd/passwd
>AuthUserFile /opt/httpd/passwd2
>AuthName "MEMBER ONLINE SERVICES"
>AuthType Basic
><Limit GET POST>
>require valid-user
></limit>
>
>The intention is to allow users to access all the files under 
>the directory when users exist in either /opt/httpd/passwd or 
>/opt/httpd/passwd2.  The outcome was that if userA exist in 
>file "passwd"  and not "passwd2", the userA would encounter 
>authorisation error. However, if userA exist in passwd2, the 
>userA has no authorisation problem.

This behaviour is what I would expect. When faced with directive overloading like this, apache
usually takes the last directive, so "AuthUserFile passwd2" overwrites "AuthUserFile passwd".

I don't think there is a way to do this in apache, so I would recommend a workaround in unix,
e.g. a root crontab entry like:

* * * * * cd /opt/httpd; cat passwd2 passwd > combined_passwd

will concatenate the two files every minute to make a combined file. Then change the directive
to:

AuthUserFile /opt/httpd/combined_passwd

Rgds,
Owen Boyle

PS I would remove <Limit GET POST> - it is unnecessary...

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message