httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruno Tréguier <Bruno.Tregu...@shom.fr>
Subject Re: [users@httpd] Authenticating with subfolders
Date Tue, 21 May 2013 09:22:41 GMT
Le 21/05/2013 à 11:07, Vincenzo D'Amore a écrit :
> Hi Miguel, 
> 
> yes it is possible, you could add a couple of file in each directory
> (.htaccess and .htpasswd).
> Those files should override the root authentication configuration with a
> new local config.
> 
> I suggest to read here how to implement such configuration:
> 
> http://httpd.apache.org/docs/2.2/howto/auth.html

Hello Vincenzo and Miguel,

I've been looking for such a configuration as well long ago, and I had
come to the conclusion that it was not possible, as only *one*
Authorization header is allowed (as far as I know).

RFC2616 (HTTP/1.1)  also states, in its §14.8:

"If a request is authenticated and a realm specified, the same
credentials SHOULD be valid for all other requests within this realm".

So, as I undestand it, you cannot use a login/password pair for a local
resource accessible via, e.g., "/a/", and another login/password pair
for another local resources located "under", e.g. "/a/b/" (as accessing
/a/b/'s realm implies accessing "/a/'s realm first).

I may be wrong, that being said, but if anyone has a solution for that,
I'd love to read how it was implemented.

Regards,

Bruno

-- 
- Service Hydrographique et Oceanographique de la Marine  -  DMGS/INF
-  13, rue du Chatellier -  CS 92803  - 29228 Brest Cedex 2, FRANCE
-     Phone: +33 2 98 22 17 49  -  Email: Bruno.Treguier@shom.fr

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message