httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: denying access to a sub dir when parent dir has access
Date Fri, 16 Aug 2002 19:47:57 GMT
Chris Cheshire wrote:

> This is working exactly as I want it to. However, for security for 
> tomcat, I want to do the standard locking down of the WEB-INF & META-INF 
>  directories in the context. Because of the order of parsing the 
> Directory, Location & Files Directives either of the following are 
> ignored completely when the access is satisfied from above:

Actually, I suspect it is the "Satisfy Any" that is causing your problem 
since apache will not evaluate the host-based access controls if it can 
authenticate with basic auth.  Try adding "Satisfy all" to your 
restrictive sections.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message