You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Marc Wiatrowski <wi...@iglass.net> on 2003/12/13 16:44:57 UTC
[users@httpd] Config question combining mod_auth_any and(or) mod_access
hi,
I'm looking for a way to combine the functionality of mod_auth_any
with
mod_access.
Basically I want to prompt users for a username and password only if
they are
accessing the site via the public internet, but if they are internal
on say
my 192.168.1.0 network, automatically give them access With Out
prompting
for a username and password.
Is there an easy way to do this?
I have had no problems setting up just mod_auth_any or just
mod_access. And
have also gotten them both to work together. Where it will check my
address and if that's ok, then also prompt for a username and
password.
So can I use these with an OR conditional some way as apposed to an
AND
conditional?
Or is there another path I should go down? I'm trying not to attempt
using
these with mod_rewrite and virtual hosts...
thanks for any help,
marc
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Config question combining mod_auth_any and(or) mod_access
Posted by Justin Booth <ro...@insaneprogramming.com>.
"Satisfy Any" will override all other order parameters.... for example if
you don't want people to read your .htaccess and you put in a:
<File ~ "\.ht">
order allow,deny
deny from all
</File>
"Satisfy Any" will override those controls so anyone with any sort or
credentials (IP or username/password) will be able to pull any file. I'm not
sure about 2.0 but I know 1.3.29 behaves this way.
Justin
----- Original Message -----
From: "Joshua Slive" <jo...@slive.ca>
To: <us...@httpd.apache.org>
Sent: Saturday, December 13, 2003 4:04 PM
Subject: Re: [users@httpd] Config question combining mod_auth_any and(or)
mod_access
> On Sat, 13 Dec 2003, Marc Wiatrowski wrote:
> > I'm looking for a way to combine the functionality of mod_auth_any
> > with
> > mod_access.
> >
> > Basically I want to prompt users for a username and password only if
> > they are
> > accessing the site via the public internet, but if they are internal
> > on say
> > my 192.168.1.0 network, automatically give them access With Out
> > prompting
> > for a username and password.
> >
> > Is there an easy way to do this?
>
> Yes. See the Satisfy directive:
> http://httpd.apache.org/docs-2.0/mod/core.html#satisfy
>
> The default is "Satisfy all", which is essentially an "and" restriction on
> user auth and host-based access control. To change to "or", you need
> "Satisfy any".
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Config question combining mod_auth_any and(or)
mod_access
Posted by Joshua Slive <jo...@slive.ca>.
On Sat, 13 Dec 2003, Marc Wiatrowski wrote:
> I'm looking for a way to combine the functionality of mod_auth_any
> with
> mod_access.
>
> Basically I want to prompt users for a username and password only if
> they are
> accessing the site via the public internet, but if they are internal
> on say
> my 192.168.1.0 network, automatically give them access With Out
> prompting
> for a username and password.
>
> Is there an easy way to do this?
Yes. See the Satisfy directive:
http://httpd.apache.org/docs-2.0/mod/core.html#satisfy
The default is "Satisfy all", which is essentially an "and" restriction on
user auth and host-based access control. To change to "or", you need
"Satisfy any".
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org