httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: [users@httpd] Re: <Location /> for a whole site BUT one directory
Date Mon, 04 Aug 2008 11:52:46 GMT
Ralph Kutschera wrote:
> André Warnier schrieb:
>> Ralph Kutschera wrote:
> 
> 
> I did this test:
> <Location /> AuthName "Server" [..]</Location>
> <Location /public> AuthName "Public"  [..]</Location>
> 
> The funny thing about that: When trying to access 
> https://domain.com/public I'm getting ask for the "Public" realm first 
> and after supplying a correct user/passwd I'm getting asked for the 
> "Server" realm. So it's anyhow the opposite of "inherited".

Well, no, it actually means that they *are* being "inherited".
If, in the "/public" directory, you are being asked for things that are 
defined only in "/", then it means that "/public" inherits them from "/".
So, it would seem that the only way of not being asked for them in 
"/public", would be to somehow use the same directives in "/public" as 
in "/", but in a way that would "override" the ones in "/" *and* allow 
access to anyone.

I really don't know about Apache 1.3 anymore, and authentication stuff 
seems to have changed quite a bit between 1.3 and 2.x.

But what about trying this :

<Directory /var/www/sitex/docs/public>
   AuthXXX .. (copy all directives as in Location "/")
   order Allow,Deny
   Allow from all
   Satisfy any
</Location>

By the way, what is actually "AuthXXX" ? What kind of authentication is 
being used there ?

And also by the way, is it not possible to upgrade to Apache 2.x ?  In 
terms of configuration as I recall, the differences are not that big.
It can be more work if you are using something like mod_perl on your 
site.  But if that is the case, then also there *is* a solution to your 
problem.

As another separate consideration, the fact that you are being asked for 
the /public realm and then for the / realm sounds like a bug.
In reality, according to (what I remember of) the literature, none of 
the "Auth" stuff should even be active unless you have at least one 
"Require" directive. That's also what makes me think that the /public 
inherits the directives from the / (the "Require" being among them).
But that kind of subtle background stuff about the scope of some 
directives and their "inheritance" is precisely what could be different 
between 1.3 and 2.x, and not be very clearly documented.

André


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message