httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] Authentication against W2K-Server
Date Mon, 17 Feb 2003 13:18:54 GMT
>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk
>
>Oh I forgot the add, how can I make a directory so that it 
>doesn't use the
>NTLM authentication, so that I can store my error documents 

I don't know anything about NTLM but for the general problem when you
have Authentication required at the DocumentRoot (and therefore in every
subdirectory) but want to disable it for one subdirectory, use the
"Satisfy" directive, i.e.

	<Directory /path/to/docroot>
	  Allow from all
	  Satisfy all
	</Directory>

	<Directory /path/to/docroot/subdir>
	  Satisfy any
	</Directory>

In the first container, "Allow from all" allows access from any IP
address for the whole site. 

Then, "Satisfy all" requires that the request satisfies the check on IP
*and* the password check. In other words, password checking is ON.

In the second container, "Satisfy any" requires that the request
satisfies the check on IP *or* the password check. In other words,
password checking is OFF since the IP check will always work.

Rgds,
Owen Boyle

>(obviously I
>don't want to restrict access to the 401 error page!!).
>
>Ta,
>
>Jamie
>
>--------------------------------------------
>Jamie.kerwick@benenden.org.uk
>ITS
>Internal Extension : 5806
>Direct Dial        : 0870 754 5806
>--------------------------------------------
>
>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk 
>[mailto:Jamie.Kerwick@benenden.org.uk] 
>Sent: 17 February 2003 11:47
>To: users@httpd.apache.org
>Subject: RE: [users@httpd] Authentication against W2K-Server
>
>
>First my tech specs: Linux Mandrake 9.0, Apache 1.3.26.
>
>Well basically I have setup a .htaccess file in the DocRoot, as so:
>
>.htaccess
>=================
>AuthType NTLM
>NTLMAuth on
>NTLMAuthoritative on
>NTLMDomain DOMAINNAME
>NTLMServer picard
>NTLMServer riker
>
>AuthName ByPassword
>
><Files "*">
>require valid-user
></Files>
>=================
>
>And a separate trek.conf file which is included in httpd.conf
>
>trek.conf
>======================
>## Jamie's test conf file for apache to setup departmental 
>aliases Alias /it
>/home/its/www Alias /admin /home/admin/www Alias /benefits
>/home/benefits/www Alias /ce_corner /home/cecorner/www Alias /finance
>/home/finance/www Alias /hr /home/hr/www Alias /marketing
>/home/marketing/www Alias /members /home/members/www Alias /newsletter
>/home/newsletter/www Alias /socialclub /home/socialclub/www Alias /test
>/home/kerwick_j/test/ ##<Directory "/home/*/www">
>##         Order allow,deny
>##         Allow from all
>##</Directory>
>ErrorDocument 404 /errorpages/error404.php
>ErrorDocument 401 /errorpages/error401.php =======================
>
>While the NTLM authentication works fine for everything in 
>DocRoot and REAL
>sub-directories, it doesn't work for any of these aliased VIRTUAL
>sub-directories (tho it does work in user directories /~username/)
>
>Where can I put the bit in the .htaccess file so that it will 
>apply to the
>entire site (or at least ALL .htm(l), .cgi, .pl and .php files)
>
>Thanks for your help,
>
>Jamie
>--------------------------------------------
>Jamie.kerwick@benenden.org.uk
>ITS
>Internal Extension : 5806
>Direct Dial        : 0870 754 5806
>--------------------------------------------
>
>-----Original Message-----
>From: Marriner, Bruce W. [mailto:BruceM@red-man.com] 
>Sent: 14 February 2003 14:59
>To: users@httpd.apache.org
>Subject: RE: [users@httpd] Authentication against W2K-Server
>
>
>
>
>	Yep, that's one of the versions of code I have :).  But 
>it didn't
>work so well for my enviroment.  Not fully understanding 
>apache modules or
>the code itself in areas I decided to rip it apart to it's most basic
>elements.  It works now for me :).  Now what apache directives 
>are giving
>you trouble?
>
>-----Original Message-----
>From: Jamie.Kerwick@benenden.org.uk 
[mailto:Jamie.Kerwick@benenden.org.uk]
Sent: Friday, February 14, 2003 8:40 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Authentication against W2K-Server


I have actually being testing various modules for exactly this purpose,
so
far I have found the one mentioned in this discussion thread,
http://www.phpbuilder.com/board/showthread.php?threadid=10207961&goto=ne
wpos
(and hosted fully patched here http://perso.club-internet.fr/hernanf/ to
work OK (in linux I had to refer to the PDC & SDC by name NOT IP address
for
it to work). 

I am just having problems with my apache directives to get it to work in
aliased sub-directories (hence my sub to this list)




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message