httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] Don't require authentication on a subfolder
Date Fri, 31 Jul 2009 08:54:16 GMT
On Thu, 2009-07-30 at 13:49 -0600, Scott Brady wrote:
> I'm trying to find a way to require authentication (using
> mod_auth_sspi)  on an entire website except for one specific folder,
> which I want freely accessible. However, I've been having issues
> getting that to work. I've tried setting SSPIAuth Off on the
> subfolder, but that didn't work. Is there something I'm missing?
> 
>  
> 
> Here’s the relevant part of my vhosts file entry for that site:
> 
>                 <Directory / >
> 
>                                 AuthName "Enter your login"
> 
>                                 AuthType SSPI
> 
>                                 SSPIAuth On
> 
>                                 SSPIAuthoritative Off
> 
>                                 SSPIDomain mydomain.lan
> 
>                                 SSPIOfferBasic On
> 
>                                 Require valid-user
> 
>                 </Directory>
> 
> # This is the folder I want freely accessible
> 
>                 <Directory /mySubFolder/ >
> 
>                                 SSPIAuth Off
> 
>                 </Directory>
> 
>  
> 
> Thanks!
> 
> -----------------------------------
> 
> Scott Brady
> 
> Lead Application Developer
> 
> Memolink, Inc.
> 

Do you understand the difference between <Directory> and <Location>?

<Directory> refers to a physical on disk directory, and the rules within
it are applied to any file served from within that directory, or
sub-directory. <Location> refers to the requested URL. 

In your example, with your first <Directory> you are restricting any
file loaded from the directory / or any subdirectory, which is, I'm
sure, not your intention. Your second <Directory> is then trying to
remove authentication, but it will only do it for files loaded from the
disk directory /mySubFolder/.

I'm pretty sure you just want <Location> containers rather than
<Directory>, like so:

<Location />
   # All your SSPI directives here
</Location>

<Location /public/>
  Allow from all
  Satisfy any
</Location>

Cheers

Tom


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message