httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark jensen <ngiw2...@hotmail.com>
Subject [users@httpd] How to allow a directory and don't allow a sub-directory?
Date Tue, 22 Jul 2014 15:20:42 GMT
I want to allow a directory " /var/www/html/ldap" to two users according to IPs (192.168.1.2
192.168.1.7):

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>

but I don't want to allow a sub directory to 192.168.1.7 (I want it to be allowed only to
192.168.1.2):

I have tried to add:

<Directory /var/www/html/ldap//manager>
      Order allow,deny
      Allow from 192.168.1.2
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>

but it seems that 192.168.1.7 can reach to manager directory  because it is a part of ldap
directory, how can I forbid this?
 		 	   		  
Mime
View raw message