httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <>
Subject Re: [users@httpd] URL Rewriting and DAV with Digest Authentication
Date Sat, 05 May 2007 23:46:07 GMT
On 5/4/07, The Gaijin <> wrote:

>         <LocationMatch ~*>

Use <Location /~> -- it is more efficient and safer in this case.
>         RewriteEngine On
>         RewriteLog /var/log/apache2/rewrite.log
>         RewriteLogLevel 5
>         RewriteRule ^/~[[:alpha:]]+/(.*)$ /~%{LA-U:REMOTE_USER}/$1

Since mod_rewrite uses a sub-request to grab the REMOTE_USER, I'd
guess that the problem is that all subrequests are GET requests, and
therefore unauthenticated. You may be able to get around that problem
by putting the mod_rewrite stuff into a <Directory> section where the
REMOTE_USER may be available directly (and not through a sub-request).

Alternatively, you could leave all regular userdir requests as
unathenticated, and setup a separate directory (say
http://yourhost/edit) where DAV was turned on for editing. Then in
this directory you would transparently map to the correct location:

<Location /edit>
               DAV On
               AuthType Digest
               AuthUserFile /etc/apache2/user.passwd

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule ^/edit(.*) /home/%1$1

All users would then access files directly under http://yourhost/edit
and get automatically (transparently) redirected to their home

By the way, I assume you are aware that your users shouldn't be given
any direct (shell) access to the filesystem if you are using mod_dav.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message