You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ja...@benenden.org.uk on 2003/06/19 12:58:28 UTC

[users@httpd] Authenticating only certain file types

I have a LINUX MANDRAKE 9.0 server setup using Apache 1.3 with mod_NTLM. 
The mod_ntlm works great, but the only real need for it is to get the user's
login information - I only need this if the file they are retrieving is a
PHP  file. 
So I thought - I'll restrict the authentication to just .php files using
<Files ~ "\.php$">

Now this works OK, EXCEPT if I try accessing http://servername or any other
directory indexes (default to index.php) give an immediate 401 error.

It is NOT attempting NTLM authentication as I get the server's 401 error
when using Mozilla, rather than the expected 'Server is using an
authentication method not supported by this browser' error. 

It Even gives a 401 error if there is NO Index file in that directory at
all!!

http://servername/index.php will load perfectly fine (picking up my NT
username fine)

Here is the block of my httpd.conf file which does the authentication
(/var/www/html is the DocumentRoot)

<Directory /var/www/html>
 <Files ~ "\.php$">
  Options -Indexes FollowSymLinks Multiviews
  AllowOverride All
  AuthType NTLM
  NTLMAuth on
  NTLMAuthoritative on
  NTLMDomain ENTERPRISE
  NTLMServer picard
  NTLMBackup neelix
  AuthName ByPassword
  require valid-user

  Order deny,allow
  Deny from all
  Allow from 127.0.0.1

  satisfy any
 </Files>
</Directory>

Any suggestions

TIA

Jamie

--------------------------------------------
Jamie.kerwick@benenden.org.uk
ITS
Internal Extension : 5806
Direct Dial        : 0870 754 5806
--------------------------------------------

************** E-mail Disclaimer **************

This e-mail message is confidential and for use by the addressee only.  If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer.  Please note that any views, or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of The Benenden Healthcare Society Limited.  The recipient should check this e-mail and any attachments for the presence of viruses.  The Benenden Healthcare Society Limited accepts no liability for any damages caused by any virus transmitted by this email and its attachments. The Benenden Healthcare Society Limited is regulated by the Financial Services Authority (FSA) and is an Incorporated Friendly Society, registered under the Friendly Societies Act 1992. Registered No: 480F. 

The Benenden Healthcare Society Limited, Registered Office: Holgate Park Drive, York, YO26 4GG. Tel 0870 7545 700  Fax 0870 7545 821  www.benenden.org.uk.

***********************************************

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org