You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Marc <Ma...@f1-outsourcing.eu> on 2023/08/12 16:56:59 UTC

[users@httpd] allow general access after 1 auth

I was wondering if it is possible to allow general access to an url after some account authenticated for this url. Without the necessity to adapt the web application for this

Say we have closed https://www.example.com/webapp with something like
Require valid-user
Order deny,allow
Deny from all

If someone authenticates on https://www.example.com/webapp, the url is available for everyone. 

Some inactivity timeout should lock the url again.

Re: [users@httpd] allow general access after 1 auth

Posted by Daniel Ferradal <df...@apache.org>.

El dom, 13 ago 2023 14:45, Will Fatherley <we...@gmail.com> escribió:

>
>
>>  No, that doesn't satisfy the following:
>>
>> > If someone authenticates on https://www.example.com/webapp, the url is
>> available for everyone.
>
>
>> Could the complicating allow directive sequence be placed in an if/else
> type of scope that uses some elements of the deciding session?


But why are you using deprecated Order, Allow,Deny directives , use
Require, still if I understand correctly what you want to do is not part of
the http scope, but more something related to programming.

>

Re: [users@httpd] allow general access after 1 auth

Posted by Will Fatherley <we...@gmail.com>.

>
>  No, that doesn't satisfy the following:
>
> > If someone authenticates on https://www.example.com/webapp, the url is
> available for everyone.


> Could the complicating allow directive sequence be placed in an if/else
type of scope that uses some elements of the deciding session?

Re: [users@httpd] allow general access after 1 auth

Posted by Eric Covener <co...@gmail.com>.

On Sat, Aug 12, 2023 at 1:30 PM Will Fatherley <we...@gmail.com> wrote:
>
>
>>
>> I was wondering if it is possible to allow general access to an url after some account authenticated for this url. Without the necessity to adapt the web application for this
>>
>>
> Yes, that would be mod session and it’s related modules

 No, that doesn't satisfy the following:

> If someone authenticates on https://www.example.com/webapp, the url is available for everyone.




-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] allow general access after 1 auth

Posted by Will Fatherley <we...@gmail.com>.

>
> I was wondering if it is possible to allow general access to an url after
> some account authenticated for this url. Without the necessity to adapt the
> web application for this
>

> Yes, that would be mod session and it’s related modules