httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Ricardo Anton <e...@telcomanager.com>
Subject Re: [users@httpd] How to protect a whole website, except specific directories
Date Wed, 23 Jul 2003 14:18:45 GMT

	Boyle,

	It worked perfectly.

	Thank you very much for your help.

	Eric	:-)


Boyle Owen wrote:
>>-----Original Message-----
>>From: Eric Ricardo Anton [mailto:eric@telcomanager.com]
>>
>>	I am using authentication to restrict access to a 
>>website. My problem 
>>is that I want the whole website to be protected, except for one 
>>specific directory. How can I accomplish this?
>>
>>	When I set authorization for
>><Directory "/usr/local/apache2/htdocs">, even the 
>>"/usr/local/apache2/cgi-bin" directory gets affected and 
>>authentication 
>>is required.
>>
>>	How can I specify that a directory mustn’t be authenticated?
> 
> 
> You have to make use of the "Satisfy" directive. This directive allows
> you to make AND/OR logic constructs between the authorization directives
> and the "Allow" directive. Check the docs for details, but basically you
> want something like:
> 
> # Passwords everywhere..
> <Directory /top/of/docroot>
>   <authorization directives>
>   Allow from all
>   Satisfy all
> </Directory>
> 
> # ..Except here
> <Directory /no/passwd/in/this/dir>
>   Allow from all
>   Satisfy any
> </Directory>
> 
> "Satisfy all" in the main dir-container means that the request must
> satisfy Allow AND authorization (so password is required). "Satisfy any"
> in the inner dir-container means that the request must satisfy Allow OR
> authorization (so the Allow directive lets it in without requiring a
> password).
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> 
> 
> 
>>	Thanks for any help.
>>
>>	Eric


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message