httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Africa <>
Subject [users@httpd] protecting php controller paths
Date Thu, 14 Aug 2008 13:35:14 GMT
We are using an MVC framework to develop PHP applications. We have  
Apache handling requests via the PHP module, Cosign for  
authentication, and .htaccess for authorization.

Up to a few months ago, we developed/deployed our applications with  
Zope, which handled both authentication and authorization internally  
-- so this is new territory for us all around.

One of our apps has 4 views, to be made accessible to 4 separate  
groups of people. The developer integrated all the interfaces behind a  
single controller, which makes complete sense from a development  
standpoint, but now I can't figure out how to restrict access to the  

Accessing gets you the student.php file  
which points to the index.php controller. Attempts to restrict / 
student or /student.php with either <Directory> or <Location> are  
ignored (which makes sense, since these are neither directories nor  
locations). What do I need here?

My hack was to copy his code into 4 separate directories and eliminate  
key pieces in each one so that I can restrict by actual directory. But  
this is really hacky and not maintainable.

Many thanks for any help you can give!

Chris Africa
Web Project Manager
Department of Mechanical Engineering
University of Michigan
Fridays: 734-730-6221
AIM/iChat/Skype ID: baiewola

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message