You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Takashi Sato <ta...@lans-tv.com> on 2008/11/15 03:09:25 UTC
MatchAll description
http://httpd.apache.org/docs/trunk/mod/mod_authz_core.html#matchall
"If none of the directives contained within the <MatchAll> directive fails,
and at least one succeeds, then the <MatchAll> directive succeeds. "
According to this, following config would grant an access from 127.0.0.1
with no username/password.
<Location /server-info>
SetHandler server-info
AuthType Digest
AuthName "private area"
AuthUserFile "/var/www/password"
Match valid-user
Match ip 127.0.0.0/8
</Location>
But actually 127.0.0.1 needs to be "valid-user".
Considering difference between MatchAll and MatchAny,
this is correct behavior.
The How to says different thing from mod_authz_core doc:
http://httpd.apache.org/docs/trunk/howto/auth.html#beyond
"To authorize the request, none of the negated directives can match
their parameters, while all of the positive directives must match their
parameters (or else return a neutral result)."
mod_authz_core doc should be fixed ?
I'm not sure which is better for this mail, docs@ or dev@.
Regards,
Takashi