You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Cairen Lajia <Ca...@itec.suny.edu> on 2006/08/10 17:25:46 UTC
[users@httpd] Using mod_auth_basic to secure dynamic pages from database
Hi All,
This is a newbie question, and is my first post.
I am trying to secure some pages of one of our applications using
mod_auth_basic.
I kind of know how to secure the page if it exists in the file system. But
in my case,
all these pages are stored in the database, even including the folders.
For example, below is the url for one of the pages:
http://test.department.myschool.edu/confluence/display/cairen/page_title
Except the "http://test.department.myschool.edu/confluence/", all the rest
are retrieved from the database.
In another words, the folders "/display/cairen", and page "page_title"
don't exist on the file system.
I prefer to use .htaccess file since it doesn't require to restart the
apache. How can
I get those dynamic pages secured using .htaccess? Are there any other
alternatives instead of using .htaccess?
I desperately need some help on this issue.
Your input is highly appreciated!!
Best,
Cairen
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from
database
Posted by Cairen Lajia <Ca...@itec.suny.edu>.
Joshua,
Thank you very much for your help! Today is first day on this list, and
you made my first trip very enjoable.
Best,
Cairen
"Joshua Slive" <jo...@slive.ca>
Sent by: jslive@gmail.com
08/10/2006 11:51 AM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from
database
On 8/10/06, Cairen Lajia <Ca...@itec.suny.edu> wrote:
>
>
> Joshua,
>
> Thank you very much for your prompt response.
>
> We try to avoid restarting the apache as few as possible,
> so beside using the <location> in httpd.conf, are there any other ways
to do this? Or any third part product that you know for this purpose?
> Thanks again for your help!
No simple ways. mod_rewrite can restrict access based on contents of
an external (text or dbm) database.
But unless you are planning to make changes dozens of times per day,
doing an occasional restart shouldn't be a big deal -- especially if
you use "graceful".
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from database
Posted by Joshua Slive <jo...@slive.ca>.
On 8/10/06, Cairen Lajia <Ca...@itec.suny.edu> wrote:
>
>
> Joshua,
>
> Thank you very much for your prompt response.
>
> We try to avoid restarting the apache as few as possible,
> so beside using the <location> in httpd.conf, are there any other ways to do this? Or any third part product that you know for this purpose?
> Thanks again for your help!
No simple ways. mod_rewrite can restrict access based on contents of
an external (text or dbm) database.
But unless you are planning to make changes dozens of times per day,
doing an occasional restart shouldn't be a big deal -- especially if
you use "graceful".
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from
database
Posted by Cairen Lajia <Ca...@itec.suny.edu>.
Joshua,
Thank you very much for your prompt response.
We try to avoid restarting the apache as few as possible,
so beside using the <location> in httpd.conf, are there any other ways to
do this? Or any third part product that you know for this purpose?
Thanks again for your help!
Cairen
"Joshua Slive" <jo...@slive.ca>
Sent by: jslive@gmail.com
08/10/2006 11:34 AM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from
database
On 8/10/06, Cairen Lajia <Ca...@itec.suny.edu> wrote:
>
> Hi All,
>
> This is a newbie question, and is my first post.
> I am trying to secure some pages of one of our applications using
> mod_auth_basic.
> I kind of know how to secure the page if it exists in the file system.
But
> in my case,
> all these pages are stored in the database, even including the folders.
> For example, below is the url for one of the pages:
> http://test.department.myschool.edu/confluence/display/cairen/page_title
> Except the
> "http://test.department.myschool.edu/confluence/", all the
> rest are retrieved from the database.
> In another words, the folders "/display/cairen", and page "page_title"
don't
> exist on the file system.
>
> I prefer to use .htaccess file since it doesn't require to restart the
> apache. How can
> I get those dynamic pages secured using .htaccess? Are there any other
> alternatives instead of using .htaccess?
> I desperately need some help on this issue.
> Your input is highly appreciated!!
You can't use .htaccess to restrict resources that don't come from the
filesystem.
Instead, in httpd.conf, use <Location>. See:
http://httpd.apache.org/docs/2.2/sections.html#file-and-web
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Using mod_auth_basic to secure dynamic pages from database
Posted by Joshua Slive <jo...@slive.ca>.
On 8/10/06, Cairen Lajia <Ca...@itec.suny.edu> wrote:
>
> Hi All,
>
> This is a newbie question, and is my first post.
> I am trying to secure some pages of one of our applications using
> mod_auth_basic.
> I kind of know how to secure the page if it exists in the file system. But
> in my case,
> all these pages are stored in the database, even including the folders.
> For example, below is the url for one of the pages:
> http://test.department.myschool.edu/confluence/display/cairen/page_title
> Except the
> "http://test.department.myschool.edu/confluence/", all the
> rest are retrieved from the database.
> In another words, the folders "/display/cairen", and page "page_title" don't
> exist on the file system.
>
> I prefer to use .htaccess file since it doesn't require to restart the
> apache. How can
> I get those dynamic pages secured using .htaccess? Are there any other
> alternatives instead of using .htaccess?
> I desperately need some help on this issue.
> Your input is highly appreciated!!
You can't use .htaccess to restrict resources that don't come from the
filesystem.
Instead, in httpd.conf, use <Location>. See:
http://httpd.apache.org/docs/2.2/sections.html#file-and-web
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org