httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Mearns <>
Subject Re: [users@httpd] Location based auth
Date Tue, 20 Jan 2009 01:22:30 GMT
On Mon, Jan 19, 2009 at 4:58 PM, Sheldon Ross <> wrote:
> I can't seem to find information on using password authentication within
> a <Location> tag.
> I've used .htaccess files in directories, but I'm using mod_jk to
> connect to tomcat and a status worker, and would like to restrict access
> to the status worker. There is no directory to put .htaccess in so how
> would I accomplish this?
> I tried putting
>                AuthType Basic
>                AuthName "Private Area"
>                AuthUserFile /etc/apache2/htusers
>                Require valid-user
> in the location tag, but it never prompts for user and password it just
> says forbidden.
> Thanks
> Sheldon

Your basic idea is correct, but you're probably missing something
simple. To start, try adding the "Satisfy All" inside the location
tag. If anything "above" the location has granted access without the
password, and you have "Satisfy Any" hanging around, then it will let
them in.

Hope that helps,

Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from:

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message