httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noel Stratton" <nstrat...@membersonline.org>
Subject [users@httpd] .htaccess help
Date Fri, 07 Jul 2006 23:23:48 GMT
Here is my .htaccess configuration in my root directory:

Options +ExecCGI
order deny,allow
deny from all
allow from 10.13.1.
allow from 10.13.2.
allow from 10.13.3.
allow from 10.13.4.
satisfy any
AuthName "Members 1st Credit Union Employees Only"
AuthType Kerberos
Krb5Keytab /etc/auth_kerb.keytab
KrbAuthRealm MEMBERSONLINE.LOCAL
KrbMethodNegotiate off
KrbSaveCredentials off
KrbVerifyKDC off
Require valid-user

This web server is used as a company intranet site.  However, my boss
would like it where employees can view the intranet site from home.
This configuration will make it where users inside my network do not
have to authenticate.  If they are outside of the network they will have
to authenticate to active directory.  This is working really well.  

Here is my problem.  I have a couple of sub-directories that I do not
want to be accessible outside of my network.  I put an .htaccess
configuration in the subdirectory like this:

order deny,allow
deny from all
allow from 10.13.1.
allow from 10.13.2.
allow from 10.13.3.
allow from 10.13.4.

When I navigate to the subdirectory I am prompted with the
authentication box instead of the forbidden page.  After an hour of
research I came out confused and could not get a clear answer on this:

Does a .htaccess file in a subdirectory over ride the .htaccess file in
the root directory?
Does a ..htaccess file in a subdirectory merge with a .htaccess file in
the root directory?

If a .htaccess file in a subdirectory over rides the .htaccess file in
the root directory, any tips on why my .htaccess in my root is
overriding my .htaccess file in my subdirectory?

If a .htaccess file in a  subdirectory merges with a .htaccess file in
the root directory, how can I make it where the root directory needs
authentication and select subdirectories forbid users from accessing it?

Thank You,

Noel Stratton
Computer Specialist
Members 1st Credit Union 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message