httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Lopez <dan...@rawbyte.com>
Subject Re: Passwords that don't apply to a specific host address?
Date Wed, 07 Aug 2002 22:20:06 GMT

> I'm using Apache with my own search engine. It reads and indexes all the files on my
file server, and allows users to search for stuff (similar to Google).
> 
> Some of the content (specific directories) are sensitive so I want a password prompt
when people go there (either via a "Hit" when searching, or directly if they know the URL).
> 
> I don't want the search engine to require a password, as it wouldn't be able to answer
the usual browser prompt!
> 
> I've used "Authtype",  "Require user" etc go give me the password login prompt, but what
about "Allow from 10.0.0.4" type of commands (the IP address of the web search server)??
> 
> Are these two concepts mutually exclusive?
> 
> Any idea of how to have the users prompted for a password, but the search server (while
it's crawling) NOT?

>From the top of my head:

Order deny,allow
Deny from all
Allow from 10.0.0.4
Require valid-user
Satisfy any

The key is satisfy any: the request will be served if the user comes from a
specific IP address or provides a valid username

Daniel

-- 
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message