httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tim Smith" <t...@cqpl.com.au>
Subject [users@httpd] SSL, .htaccess
Date Wed, 03 Sep 2003 06:24:37 GMT
Hello I am trying to develop a system for work where I need to control access to directories
based on the users SSL_SESSION_ID. This is how I am approaching the problem so far. the directories
where access control is needed are under /data / being apaches root directory. under /data
a directory name is dynamically created from the first 4 characters from SSL_SESSION_ID, and
a .htaccess file is deposited in that directory along with whatever else is needed. so far
so good. my initial problem is apache is erroring when reading the .htaccess file. it has
"Limit" as the option inside it. here is the message given from error_log
[Thu Aug 28 14:01:17 2003] [alert] [client 192.168.1.211] /usr/local/httpd_secure/data/D8B3/.htaccess:
Illegal option Limit

here is what I have set in http.conf for my directories
#match a group of 4 characters in the requested uri
SetEnvIf SSL_SESSION_ID "\^????" current_session

SetEnvIf URI_REQUEST "current_session" uri_check_passed

<Directory /data>
    Order Deny,Allow
    Deny from All
    Allow from env=uri_check_passed
    AuthUserFile  /etc/httpd/passwd
    AuthGroupFile /etc/httpd/group
    Options -FollowSymLinks +Multiviews
    AllowOverride All
</Directory>

<Directory />
    AuthUserFile  /etc/httpd/passwd
    AuthGroupFile /etc/httpd/group
    Options -FollowSymLinks +Multiviews

</Directory>
my second question is will my SetEnvIf statements make sense? first I am trying to pull out
the first 4 digits from SSL_SESSION_ID and put them into current_session, then if URI_REQUEST
contains the same string in it as current_session, set uri_check_passed. thus giving access
to the client for that directory under /data.\
not easy to grasp in one go but any help in even getting over the issue with .htaccess would
be much appreciated.

cheers
Tim Smith

Mime
View raw message