You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andrea Gozzi <AG...@dsk.lu> on 2020/05/05 09:52:31 UTC
[users@httpd] Conditionally disable authentication in subdirectories
Hi all,
I have a vhost where SSPI authentication is enabled (if the corresponding module is loaded and a variable is defined). So far, so good.
However, depending on the existence of certain subdirectories, I need to disable authentication in those directories (htaccess files in subdirectories are not currently an option).
Unfortunately that does not seem to work correctly :(
My vhost configuration looks like this (httpd 2.4.43 on windows):
<VirtualHost *:12000>
ServerAdmin admin@host
DocumentRoot "${D_DOCUMENTROOT}/vhost1"
ServerName localhost
<Directory "${D_DOCUMENTROOT}/vhost1">
Options -Indexes
</Directory>
<IfModule mod_authnz_sspi.c>
<IfDefine ENABLESSO>
<Directory "${D_DOCUMENTROOT}/vhost1">
AuthName "${SSODOMAIN}"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
require valid-user
Options -Indexes
</Directory>
<IfFile !"${D_DOCUMENTROOT}/vhost1/legacy_dir">
<IfFile "${D_DOCUMENTROOT}/vhost1/myApp1/">
<Directory "${D_DOCUMENTROOT}/vhost1/myApp1/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
<IfFile "${D_DOCUMENTROOT}/vhost1/myApp2/">
<Directory "${D_DOCUMENTROOT}/vhost1/myApp2/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
<IfFile "${D_DOCUMENTROOT}/vhost1/myApp3/">
<Directory "${D_DOCUMENTROOT}/vhost1/myApp3/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
</IfFile>
<IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir">
<IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/">
<Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp1/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
<IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">
<Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
<IfFile "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">
<Directory "${D_DOCUMENTROOT}/vhost1/legacy_dir/myApp2/">
SSPIAuth Off
Allow From All
Satisfy Any
</Directory>
</IfFile>
</IfFile>
</IfDefine>
</IfModule>
ErrorLog "logs/error/vhost1-error.log"
CustomLog "logs/vhost1-access-[%Y-%m].log" common
</VirtualHost>
Any clues why it's not working? Or any suggestions for a different approach?
Thank you.
Andrea