httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jamie.Kerw...@benenden.org.uk
Subject RE: [users@httpd] Authentication against W2K-Server
Date Fri, 21 Feb 2003 15:34:30 GMT
Thanks for this, I have tried a slight variation (just to allow 127.0.0.1
access for a search engine's crawler) of what you suggested and it works
fantastic !! 

My error pages even work now too!

Thanks again,

Jamie

--------------------------------------------
Jamie.kerwick@benenden.org.uk
ITS
Internal Extension : 5806
Direct Dial        : 0870 754 5806
--------------------------------------------

-----Original Message-----
From: Boyle Owen [mailto:Owen.Boyle@swx.com] 
Sent: 17 February 2003 13:19
To: users@httpd.apache.org
Subject: RE: [users@httpd] Authentication against W2K-Server
Importance: High


>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk
>
>Oh I forgot the add, how can I make a directory so that it
>doesn't use the
>NTLM authentication, so that I can store my error documents 

I don't know anything about NTLM but for the general problem when you have
Authentication required at the DocumentRoot (and therefore in every
subdirectory) but want to disable it for one subdirectory, use the "Satisfy"
directive, i.e.

	<Directory /path/to/docroot>
	  Allow from all
	  Satisfy all
	</Directory>

	<Directory /path/to/docroot/subdir>
	  Satisfy any
	</Directory>

In the first container, "Allow from all" allows access from any IP address
for the whole site. 

Then, "Satisfy all" requires that the request satisfies the check on IP
*and* the password check. In other words, password checking is ON.

In the second container, "Satisfy any" requires that the request satisfies
the check on IP *or* the password check. In other words, password checking
is OFF since the IP check will always work.

Rgds,
Owen Boyle

>(obviously I
>don't want to restrict access to the 401 error page!!).
>
>Ta,
>
>Jamie
>
>--------------------------------------------
>Jamie.kerwick@benenden.org.uk
>ITS
>Internal Extension : 5806
>Direct Dial        : 0870 754 5806
>--------------------------------------------
>
>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk
>[mailto:Jamie.Kerwick@benenden.org.uk] 
>Sent: 17 February 2003 11:47
>To: users@httpd.apache.org
>Subject: RE: [users@httpd] Authentication against W2K-Server
>
>
>First my tech specs: Linux Mandrake 9.0, Apache 1.3.26.
>
>Well basically I have setup a .htaccess file in the DocRoot, as so:
>
>.htaccess
>=================
>AuthType NTLM
>NTLMAuth on
>NTLMAuthoritative on
>NTLMDomain DOMAINNAME
>NTLMServer picard
>NTLMServer riker
>
>AuthName ByPassword
>
><Files "*">
>require valid-user
></Files>
>=================
>
>And a separate trek.conf file which is included in httpd.conf
>
>trek.conf
>======================
>## Jamie's test conf file for apache to setup departmental
>aliases Alias /it
>/home/its/www Alias /admin /home/admin/www Alias /benefits
>/home/benefits/www Alias /ce_corner /home/cecorner/www Alias /finance
>/home/finance/www Alias /hr /home/hr/www Alias /marketing
>/home/marketing/www Alias /members /home/members/www Alias /newsletter
>/home/newsletter/www Alias /socialclub /home/socialclub/www Alias /test
>/home/kerwick_j/test/ ##<Directory "/home/*/www">
>##         Order allow,deny
>##         Allow from all
>##</Directory>
>ErrorDocument 404 /errorpages/error404.php
>ErrorDocument 401 /errorpages/error401.php =======================
>
>While the NTLM authentication works fine for everything in
>DocRoot and REAL
>sub-directories, it doesn't work for any of these aliased VIRTUAL
>sub-directories (tho it does work in user directories /~username/)
>
>Where can I put the bit in the .htaccess file so that it will
>apply to the
>entire site (or at least ALL .htm(l), .cgi, .pl and .php files)
>
>Thanks for your help,
>
>Jamie
>--------------------------------------------
>Jamie.kerwick@benenden.org.uk
>ITS
>Internal Extension : 5806
>Direct Dial        : 0870 754 5806
>--------------------------------------------
>
>-----Original Message-----
>From: Marriner, Bruce W. [mailto:BruceM@red-man.com]
>Sent: 14 February 2003 14:59
>To: users@httpd.apache.org
>Subject: RE: [users@httpd] Authentication against W2K-Server
>
>
>
>
>	Yep, that's one of the versions of code I have :).  But
>it didn't
>work so well for my enviroment.  Not fully understanding 
>apache modules or
>the code itself in areas I decided to rip it apart to it's most basic
>elements.  It works now for me :).  Now what apache directives 
>are giving
>you trouble?
>
>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk
[mailto:Jamie.Kerwick@benenden.org.uk]
Sent: Friday, February 14, 2003 8:40 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Authentication against W2K-Server


I have actually being testing various modules for exactly this purpose, so
far I have found the one mentioned in this discussion thread,
http://www.phpbuilder.com/board/showthread.php?threadid=10207961&goto=ne
wpos
(and hosted fully patched here http://perso.club-internet.fr/hernanf/ to
work OK (in linux I had to refer to the PDC & SDC by name NOT IP address for
it to work). 

I am just having problems with my apache directives to get it to work in
aliased sub-directories (hence my sub to this list)




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. If
you receive this message in error, please notify the sender urgently and
then immediately delete the message and any copies of it from your system.
Please also immediately destroy any hardcopies of the message. You must not,
directly or indirectly, use, disclose, distribute, print, or copy any part
of this message if you are not the intended recipient. The sender's company
reserves the right to monitor all e-mail communications through their
networks. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message