You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Henry Cavillones <he...@heavy.com> on 2007/08/06 19:17:45 UTC

[users@httpd] Problem with mod_auth

I have this docroot i want to password protect, but I want to bypass authentication for certain URL requests.

I have this for a vhost:

 <Directory "/usr/local/sites/someproj.prod/htdocs">
                AllowOverride None
                AuthName "SomeProject: Authorized Access Only"
                AuthType Basic
                AuthUserFile /usr/local/sites/someproj.htpasswd
                Require valid-user
          <FilesMatch "\.(png|gif|flv|js)$">
                Allow from all 
          </FilesMatch>
                Satisfy any
        </Directory>
I can confirm that the htpasswd file is there.

When i go to vhost url i bypass all authentication, same for when i pass the URL request i want bypassing authentication.

Re: [users@httpd] Problem with mod_auth

Posted by Joshua Slive <jo...@slive.ca>.

On 8/6/07, Henry Cavillones <he...@heavy.com> wrote:
>
>
>
> I have this docroot i want to password protect, but I want to bypass
> authentication for certain URL requests.
>
>  I have this for a vhost:
>
>   <Directory "/usr/local/sites/someproj.prod/htdocs">
>                  AllowOverride None
>                  AuthName "SomeProject: Authorized Access Only"
>                  AuthType Basic
>                  AuthUserFile
> /usr/local/sites/someproj.htpasswd
>                  Require valid-user
>            <FilesMatch "\.(png|gif|flv|js)$">
>                  Allow from all
>            </FilesMatch>
>                  Satisfy any
>          </Directory>
>  I can confirm that the htpasswd file is there.
>
>  When i go to vhost url i bypass all authentication, same for when i pass
> the URL request i want bypassing authentication.

Put the "Satisfy Any" inside the <FilesMatch> or put "Deny from all"
in the <Directory> section outside the <FilesMatch>.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org