httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zembower, Kevin" <kzemb...@jhuccp.org>
Subject [users@httpd] How to handle nested authorization requirements?
Date Thu, 08 Mar 2007 15:13:27 GMT
I'm having trouble with a 'nested' authorization requirement. Here's
part of my httpd.conf file:
cn2:/etc/apache# egrep -v '^[[:space:]]*#|^[[:space:]]*$' httpd.conf
<snip>
NameVirtualHost *
<VirtualHost *>
     ServerName centernet.jhuccp.org
     DocumentRoot /var/www/centernet/htdocs
     <Directory /var/www/centernet/htdocs>
<snip>
         AuthType Basic
         AuthName "JHU/CCP"
         AuthUserFile /var/www/centernet/users
         require valid-user
         satisfy any
         order deny,allow
         allow from 10.253.192.192/26 10.253.200.0/24 10.253.201.0/24
10.253.202.0/24
         deny from all
     </Directory>
<snip>
     <Directory /var/www/centernet/htdocs/staffonly>
        AuthType Basic
        AuthName "CCP Staff Only"
        AuthUserFile /var/www/centernet/staffonlylist
        require valid-user
     </Directory>
</VirtualHost>
<snip>
cn2:/etc/apache#

In the first part of the centernet VirtualHost section, I restrict users
to either be in specific IP address ranges, or enter the password in
/var/www/centernet/users. I want to put an additional restriction on
viewing the files in /var/www/centernet/htdocs/staffonly/. However, when
I test this from inside the specified IP address ranges, it never asks
me to authenticate to view the files in /staffonly/.

How should I change my config file to put additional authorization
requirements on the /staffonly/ directory?

Thanks in advance for all your help and suggestions.

-Kevin

Kevin Zembower
Internet Services Group manager
Center for Communication Programs
Bloomberg School of Public Health
Johns Hopkins University
111 Market Place, Suite 310
Baltimore, Maryland  21202
410-659-6139 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message