httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tommy Peterson <Tommy.Peter...@xpandcorp.com>
Subject RE: [users@httpd] how many <Location> directives can you have?
Date Fri, 03 Jun 2011 12:32:38 GMT
Yes. Here is what I had to start with
<Location /drupal >
   AuthType shibboleth
  ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</Location>
As I had the entire Drupal application/directory locked down requiring Shibboleth authentication.
It worked just fine.

Then, I was asked to just require Shibboleth authentication on certain sections of the Drupal
application so based upon the URLs/Directories I changed the above to the below. This is where
everything stopped working. . . the authentication piece anyway.

<Location /drupal/cma/profile>
   AuthType shibboleth
  ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</Location>

<Location /drupal/cma/history>
   AuthType shibboleth
   ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</Location>

<Location /drupal/cma/notebook/courses>
   AuthType shibboleth
   ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</Location>

<LocationMatch "/drupal/online-courses\?id=\d">
   AuthType shibboleth
   ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</LocationMatch>


<Location /drupal/user>
  AuthType shibboleth
   ShibRequireSession On
   ShibUseHeaders On
   require shibboleth
</Location>

Thanks in advance.
-Tommy

-----Original Message-----
From: Jason Pyeron [mailto:jpyeron@pdinc.us]
Sent: Thursday, June 02, 2011 9:11 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] how many <Location> directives can you have?

> -----Original Message-----
> From: Tommy Peterson [mailto:Tommy.Peterson@xpandcorp.com]
> Sent: Wednesday, June 01, 2011 21:54
> To: users@httpd.apache.org
> Subject: [users@httpd] how many <Location> directives can you have?
>
> I think I am confused about the <Location> directive. How
> many can you have? Can you list 4 or 5, for example, and they
> are all acted upon? Or does Apached just start with the first
> and stop there. Sorry for such a basic question but I ran
> into an issue.
>
> I used such a directive to lock down a particular directory.
> All was good. Then I decided that I only wanted part of the
> directory (web app) to be locked down. So I added several
> such Location directives. While it appeared to work . . .
> well without going into too much detail the application
> didn't require authentication. So I thought it was my
> application until I changed the directives back to one for
> the entire directory/application and it started working again
> as it should.
>
> So I know it has to do with the location directives. Any suggestions?

Can you post the example of what you have?

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


This message contains Devin Group confidential information and is intended only for the individual
named. If you are not the named addressee you should not disseminate, distribute or copy this
e-mail.
 Please notify the sender immediately by e-mail if you have received this e-mail in error
and delete this e-mail from your system. E-mail transmissions cannot be guaranteed secure,
error-free and information could be intercepted, corrupted, lost, destroyed, arrive late,
incomplete, or contain viruses. The sender therefore does not accept liability for errors
or omissions in the contents of this message which may arise as result of transmission. If
verification is required please request hard-copy version.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message