Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 11936 invoked from network); 30 Mar 2011 13:40:57 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 30 Mar 2011 13:40:57 -0000 Received: (qmail 84883 invoked by uid 500); 30 Mar 2011 13:40:54 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 84855 invoked by uid 500); 30 Mar 2011 13:40:54 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 84846 invoked by uid 99); 30 Mar 2011 13:40:54 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Mar 2011 13:40:54 +0000 X-ASF-Spam-Status: No, hits=0.0 required=5.0 tests=FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [209.20.83.52] (HELO webthing) (209.20.83.52) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Mar 2011 13:40:48 +0000 Received: from [192.168.0.100] (walkham.free-online.co.uk [80.229.52.226]) by webthing (Postfix) with ESMTPSA id C9A69402E5 for ; Wed, 30 Mar 2011 13:40:27 +0000 (UTC) References: <4D92F613.3030104@cyanide-studio.com> <7A81427A-546D-469E-ABF2-628B1648AC6F@webthing.com> <4D9330E3.7000008@cyanide-studio.com> In-Reply-To: <4D9330E3.7000008@cyanide-studio.com> Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: text/plain; charset=us-ascii Message-Id: <32E6384F-0549-4AFC-934C-49033919218C@webthing.com> Content-Transfer-Encoding: quoted-printable From: Nick Kew Date: Wed, 30 Mar 2011 14:40:25 +0100 To: users@httpd.apache.org X-Mailer: Apple Mail (2.1082) Subject: Re: [users@httpd] Centralised path-based authorisation On 30 Mar 2011, at 14:32, Admin Cyanide wrote: > I just want to be sure we're talking about authorisations and not = authentication. I know how to use SQL, LDAP or whatever to create = authentications mechanisms. > What I'm searching is path based authorisations to allow acces to = xxx/yyy folder to bob, while other authenticated users can't access to = it (though it can be more complex). I can't tell you your best solution. But you could, for example, map = paths to=20 authz groups. Then you update your ACLs by amending group memberships. If you already knew that and thought it should be obvious, then the = answer is no, there's nothing builtin that'll help. Unless your access maps to = filesystem access and can be driven by file ownership. --=20 Nick Kew Available for work, contract or permanent http://www.webthing.com/~nick/cv.html --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org