RE: mod_auth and vhost issue

Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 49712 invoked from network); 7 Aug 2007 04:49:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Aug 2007 04:49:57 -0000 Received: (qmail 16153 invoked by uid 500); 7 Aug 2007 04:49:46 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 16134 invoked by uid 500); 7 Aug 2007 04:49:46 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 16123 invoked by uid 99); 7 Aug 2007 04:49:45 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Aug 2007 21:49:45 -0700 X-ASF-Spam-Status: No, hits=4.1 required=10.0 tests=DNS_FROM_RFC_BOGUSMX,HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of henry.cavillones@heavy.com designates 69.25.74.44 as permitted sender) Received: from [69.25.74.44] (HELO mX1.myoutlookonlIne.com) (69.25.74.44) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Aug 2007 04:49:43 +0000 Received: from BE059.mail.lan ([10.109.209.159]) by mX1.myoutlookonlIne.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 7 Aug 2007 00:49:22 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C7D8AE.517F3BDD" Date: Tue, 7 Aug 2007 00:49:20 -0400 Message-ID: <5A8C2DC0E3887147A2D4138C5F48B367A40C01@BE059.mail.lan> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: mod_auth and vhost issue Thread-Index: AcfYrlFiIbebpkr9T6mlBLPQfR9uoA== From: "Henry Cavillones" To: X-OriginalArrivalTime: 07 Aug 2007 04:49:22.0230 (UTC) FILETIME=[526F8D60:01C7D8AE] X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] RE: mod_auth and vhost issue ------_=_NextPart_001_01C7D8AE.517F3BDD Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ok so i have this vhost directory container which is also the vhosts = docroot: =20 AllowOverride All DirectoryIndex index.html AuthName "SomeProj: Authorized Access Only" AuthType Basic AuthUserFile /usr/local/sites/someproj.htpasswd Require valid-user Allow from All Satisfy Any This is as far as ive gone with no success, currently any URL i request = requires authentication. Im trying to figure out how to only allow unauthenticated access to = requested URLs that have png,gif,flv or js in them. Otherwise authentication is necessary. The request URL can be as deep as = it wants (for example: /js/ver/whatever/publisher.js or /admin.js ) Oh and by the way, when the acceptable URL request is made it is = re-written by this rule: RewriteRule ^/js/ver([0-9]+)/([0-9|a-f]{8})/publisher\.js$ = /js/someproj.php?version=3D$1&publisher_hash=3D$2 [L] ------_=_NextPart_001_01C7D8AE.517F3BDD Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: mod_auth and vhost issue

ok so i have this vhost directory container which is = also the vhosts docroot:

<Directory "/usr/local/sites/somedir/htdocs">
            &= nbsp;   AllowOverride All
            &= nbsp;   DirectoryIndex index.html
            &= nbsp;   AuthName "SomeProj: Authorized Access = Only"
            &= nbsp;   AuthType Basic
            &= nbsp;   AuthUserFile /usr/local/sites/someproj.htpasswd
            &= nbsp;   Require valid-user
        <FilesMatch = "\.(png|gif|flv|js)$">
            &= nbsp;   Allow from All
            &= nbsp;   Satisfy Any
        </FilesMatch>
</Directory>

This is as far as ive gone with no success, currently any URL i request = requires authentication.

Im trying to figure out how to only allow unauthenticated access to = requested URLs that have png,gif,flv or js in them.
Otherwise authentication is necessary. The request URL can be as deep as = it wants (for example: /js/ver/whatever/publisher.js or /admin.js )

Oh and by the way, when the acceptable URL request is made it is = re-written by this rule:
RewriteRule   = ^/js/ver([0-9]+)/([0-9|a-f]{8})/publisher\.js$   = /js/someproj.php?version=3D$1&publisher_hash=3D$2 [L]

------_=_NextPart_001_01C7D8AE.517F3BDD--