Return-Path: 
 <users-return-66051-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 1153 invoked from network); 24 Aug 2006 00:04:45 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 24 Aug 2006 00:04:45 -0000
Received: (qmail 48478 invoked by uid 500); 24 Aug 2006 00:04:36 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 48462 invoked by uid 500); 24 Aug 2006 00:04:36 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 48451 invoked by uid 99); 24 Aug 2006 00:04:36 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Aug 2006 17:04:36 -0700
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Received: from [72.18.22.16] (HELO ussm001a.mmsa.com) (72.18.22.16)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Aug 2006 17:04:36 -0700
In-Reply-To: 
 <OF3ACF21C5.757BC94D-ON882571D2.0079D96B-882571D2.007A733D@mmsa.com>
To: users@httpd.apache.org
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.1 January 21, 2004
Message-ID: 
 <OFFF174199.E08502D6-ON882571D4.0000423E-882571D4.000063DF@mmsa.com>
From: Jignesh Badani <jbadani@mmsa.com>
Date: Wed, 23 Aug 2006 17:04:17 -0700
X-MIMETrack: Serialize by Router on USSM001A/M/MMCX(Release 6.5.4|March 27,
 2005) at 08/23/2006
 05:05:02 PM,
	Serialize complete at 08/23/2006 05:05:02 PM
Content-Type: text/plain; charset="US-ASCII"
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] Is this possible ?
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Hello all, let me try again. 

I have the following restriction in place:

SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
SetEnvIf COOKIE ^XSESSION let_xuser_in

<Location />
Order Deny,Allow
Deny from all
Allow from env=let_10161_in
Allow from env=let_xuser_in
</Location>

It basically means users whose X-FORWARDED-FOR contains 10.161 gets in. 
Also it allows users who have a Cookie "XSESSION" gets in.

Now, how do I combine them such that only users with both the conditions 
set can get in or otherwise Deny access.

Meaning, a user has to come from 10.161 and also needs to have a XSESSION 
cookie set inorder to get access. 

Can I form such an expression in SetEnvIf ? If so how ?

Thank you
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
Jignesh Badani



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org