httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Stoffel" <john.stof...@taec.toshiba.com>
Subject [users@httpd] AuthType Basic with exceptions to files in a directory?
Date Fri, 29 Aug 2008 14:28:04 GMT

Hi all,

I've been looking through the archives trying to figure out how I can
accomplish what I need with "AuthType Basic" on a web site running
Apache 2.0.52, which I realize is not the newest.  The basic limit is
that I've got a Google Mini which needs to search and index some
secured content.  It's a dumb box which doesn't understand any
authentication beyond "AuthType Basic" or NTLM.  NTLM won't work for
what I need unfortunately.  

I've got an htdocs directory which I want to do the following:

     - restrict *all* access to only valid-users

     - allow in the google mini IP to access *all* files.

     - allow anyone access to http://site/ to access the default
       login.html file to see the various public welcome stuff.

     - allow anyone access to index.html, login.html, error.html
       files. 

I've been looking at the following helpful message thread from the
archive:

  http://httpd.markmail.org/message/wk6fhij4saejpsqf?q=AuthType+Basic+allow+login+page&page=3


But I'm obviously missing something since I can't make it work
properly.

What I've got is the following:

   <VirtualHost x.y.z.#>
     DocumentRoot /path/to/site/htdocs
     ServerName secure
     LogLevel warn
     ErrorLog logs/secure-error_log
     CustomLog logs/secure-access_log combined
     ErrorDocument 401 "/error.html"
     ScriptAlias /cgi-bin/ "/path/to/site/cgi-bin/"

     ServerAlias secure.taec.com secure.taec.toshiba.com
     <Directory "/path/to/site/htdocs/">
       Options Indexes FollowSymLinks MultiViews
       AllowOverride All
     </Directory>
   </VirtualHost>

And in the .htaccess file (I know, I should put this into the master
config, but this is just my testing) I have:

    AuthMySQLHost localhost
    AuthMySQLUser admin
    AuthMySQLPassword password
    AuthMySQLDB usertable
    AuthMySQLUserTable users
    AuthMySQLNameField username
    AuthMySQLPasswordField password
    AuthMySQLEnable on
    AuthName "Access Test Site"
    AuthType Basic
    require valid-user
    AuthMySQLGroupTable users
    AuthMySQLGroupField status
    require group CURRENT

    DirectoryIndex login.html index.html index.php index.htm
    Allow From "googlebox.taec.com"
    Satisfy Any
    <Files "*">
      require valid-user
      require group CURRENT
    </Files>
    <FilesMatch "(login|register|forgotpass|error).html">
      Allow from All
      Satisfy Any
    </FilesMatch>

I've also turned up the LogLevel to 'info' to try and see what's going
on here, but it's not doing what I expect.  I guess I'll goto the
'debug' level to see what's up.

Anyway, when I first connect to my site using http://site/  I get
prompted for a password.  If I hit 'cancel' I get my login.html screen
properly.  I *really* want to have the login screen showup without
prompting at all.  What should I tweak?

I've got the multiple "Satisfy Any" lines in the .htaccess file
because I'm tearing my hear out trying to figure out the precedence
settings and having a tough time.  

Any help or pointers appreciated.

Thanks,
John
    John Stoffel - Senior Staff Systems Administrator - System LSI Group
  Toshiba America Electronic Components, Inc. - http://www.toshiba.com/taec
	     john.stoffel@taec.toshiba.com - 508-486-1087

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message