httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] Restricting indexes to authenticated users
Date Tue, 15 Aug 2006 13:22:55 GMT
On 8/15/06, Rich Thomas <thomasr@buffalo.edu> wrote:

> I'm running Server version: Apache/1.3.26 (Unix) and I'm trying to figure
> out how I can allow anonymous access to the files in a directory yet
> restrict the Directory index listing only to a few authenticated users.
>
> I know I'll probably need to use an .htaccess file with the Options –Index
> on the directory but how do I allow certain users to access the index?

[1.3.26 is rather old; you should upgrade]

I didn't answer this the last time because it isn't really a
fully-defined question.  For example, what do you want to happen when
unauthenticated users access the directory?  Should they be served up
the DirectoryIndex file (index.html)?  If so, you need to find a way
in the URL to differentiate between users who get the index.html and
users who get the directory listing.

Something like this for example:
<Directory /path/to/dir>
Options None
</Directory>
Alias /getlisting /path/to
<Location /getlisting>
Options Indexes
Require valid-user
...
</Location>

Then restricted users access http://example.com/dir/ and get the
index.html, while people with the right password can access
http://example.com/getlisting/dir/ and get the directory listing.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message