httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jignesh Badani <jbad...@mmsa.com>
Subject Re: [users@httpd] Is this possible ?
Date Thu, 24 Aug 2006 01:54:02 GMT
Awesome, just trying to understand the syntax of the last SetEnvIf:

SetEnvIf let_10161_in ^0$ !let_xuser_in

--> If the env variable let_10161_in is "0" - meaning the request is not 
from 10.161, unset (make it 0?) the let_xuser_in env variable ? 

And mod_rewrite for this, how ?

Thanks
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - 
Jignesh Badani





"Joshua Slive" <joshua@slive.ca> 
Sent by: jslive@gmail.com
08/23/2006 05:10 PM
Please respond to
users@httpd.apache.org


To
users@httpd.apache.org
cc

Subject
Re: [users@httpd] Is this possible ?






On 8/23/06, Jignesh Badani <jbadani@mmsa.com> wrote:
> Hello all, let me try again.
>
> I have the following restriction in place:
>
> SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
> SetEnvIf COOKIE ^XSESSION let_xuser_in
>
> <Location />
> Order Deny,Allow
> Deny from all
> Allow from env=let_10161_in
> Allow from env=let_xuser_in
> </Location>
>
> It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
> Also it allows users who have a Cookie "XSESSION" gets in.
>
> Now, how do I combine them such that only users with both the conditions
> set can get in or otherwise Deny access.
>
> Meaning, a user has to come from 10.161 and also needs to have a 
XSESSION
> cookie set inorder to get access.
>
> Can I form such an expression in SetEnvIf ? If so how ?

# This next line always matches
SetEnvIf Remote_Addr . let_10161=0
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1
SetEnvIf COOKIE ^XSESSION let_xuser_in
SetEnvIf let_10161_in ^0$ !let_xuser_in

Allow from env=let_xuser_in

You can write it in a less obtuse way if you use mod_rewrite.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message