httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: [users@httpd] Satisfy any & Basic authorization
Date Thu, 15 Jan 2009 21:49:22 GMT
Eric Covener wrote:
> On Thu, Jan 15, 2009 at 9:09 AM, Brian Mearns <> wrote:
>> The only thing I can think of is reversing the orders of the Location
>> tags, i.e., have the more global one come first.
> I know OP reported that this failed, but I think this is the route to pursue.
Did you try "AuthType none" in the sub-location ?

I think I remember having this same kind of issue before, and to have 
found that the problem is that an authentication method is always 
"inherited" from the parent dir/location, unless specifically overridden 
by a new one.

I can think of a rather clumsy way of overcoming this, roughly as 
follows (not tried, but maybe worth a try).

Say you currently have something like this :

directory structure :
   /var/www/docs/* (must stay protected)
   /var/www/docs/unp/... (stuff to unprotect)

DocumentRoot /var/www/docs
<Location />
<Location /unp>
   (would like to unprotect, but currently does not work)

Then you could change this as follows :

directory structure :
   /var/www/docs/unp/* (stuff to unprotect)
   /var/www/docs/prot/* (everything else, must stay protected)
   and nothing in /var/www/docs itself apart from the above.

DocumentRoot /var/www/docs
RewriteCond %{REQUEST_URI} !^/unp/
RewriteRule ^/(.*)$ /prot/$1 [PT]

<Directory /prot>
   AuthType Basic
<Directory /unp>
   (no auth)

The idea would be to catch all requests not starting with "/unp/", and 
re-writing these to "/prot/*".  They would then fall under the later 
Auth, while the /unp/ ones would not.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message