httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] Location directive with url parameters
Date Tue, 26 Apr 2005 18:31:30 GMT
On 4/26/05, Frank McCreedy <> wrote:
> First, I apologize if I break any etiquette for messages, this is my first
> message.
> What I am trying to do, is restrict access to a location based on
> parameters embedded in a URL as shown below.  The first location just
> requires a valid user, the second requires a user in the admin group.  It
> doesn't seem to work like I would think it would.  Is this even possible
> to do or do I have to make a completely different URL?
> <Location /servlet/MyServlet>
>    SSLRequireSSL
>    AuthType Basic
>    AuthName "Area 1"
>    AuthUserFile c:/apache/users/users.txt
>    require valid-user
> </Location>
> <Location /servlet/MyServlet?type=admin>
>    SSLRequireSSL
>    AuthType Basic
>    AuthName "Area 2"
>    AuthUserFile c:/apache/users/users.txt
>    AuthGroupFile c:/apache/users/groups.txt
>    require group admin
> </Location>

In general, no you can't do that.  <Location> will not look at the query string.

If you really need, you can hook something up with mod_rewrite, as in

RewriteEngine On
RewriteCond %{QUERY_STRING} type=admin
RewriteCond %{LA-U:REMOTE_USER} !some-condition
RewriteRule /servlet/MyServlet - [F]

That will kill the request if the user does not match the regex
"some-condition".  You could use a RewriteMap to look up the user in a
groups-type file.

But now we are getting pretty complicated.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message