You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Marc SCHAEFER <sc...@alphanet.ch> on 2022/02/11 19:52:02 UTC

[users@httpd] Dynamic authentication rules

Hello,

In general, I would handle that kind of authentification tricks in a
perl script, however in this case I would need to protect a script
directly in Apache.

What presumably would work:

<If "%{QUERY_STRING} =~ /^someapp\/\?domain=testing;/">
       AuthType Basic
       AuthName "Login Required for testing"
       AuthUserFile /shared/testing/htpasswd
       Require valid-user
</If>

What I would like to do:

<If "%{QUERY_STRING} =~ /^someapp\/\?domain=([a-z]+);/">
       AuthType Basic
       AuthName "Login Required for $1"
       AuthUserFile /shared/$1/htpasswd
       Require valid-user
</If>

Is there a way to do something dynamic like this ?

Thank you for any pointer.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Dynamic authentication rules

Posted by Marc SCHAEFER <sc...@alphanet.ch>.

On Fri, Feb 11, 2022 at 06:21:50PM -0500, stormy wrote:
> Maybe I'm missing something that you refer to as "tricks" and "presumably"?
> Proof of concept?  Context?

If the dynamic way does not work, I will simply generate about 100
different configurations and merge them in Apache, it's not complicated
to do, just a bit silly IF there is some support dynamicity that
I missed in the documentation.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Dynamic authentication rules

Posted by stormy <st...@stormy.ca>.

On 2022-02-11 2:52 p.m., Marc SCHAEFER wrote:
> Hello,
> 
> In general, I would handle that kind of authentification tricks in a
> perl script, however in this case I would need to protect a script
> directly in Apache.
> 
> What presumably would work:
> 
> <If "%{QUERY_STRING} =~ /^someapp\/\?domain=testing;/">
>         AuthType Basic
>         AuthName "Login Required for testing"
>         AuthUserFile /shared/testing/htpasswd
>         Require valid-user
> </If>

Maybe I'm missing something that you refer to as "tricks" and 
"presumably"?  Proof of concept?  Context?

To "protect a script" is normally at system level.  Why do you "need" to 
do this "directly in Apache"?  Users?  Permissions?  It doesn't really 
matter whether you write in perl or my favourites fortran and cobol.

Best -- Paul
Tired old sys-admin.

> 
> What I would like to do:
> 
> <If "%{QUERY_STRING} =~ /^someapp\/\?domain=([a-z]+);/">
>         AuthType Basic
>         AuthName "Login Required for $1"
>         AuthUserFile /shared/$1/htpasswd
>         Require valid-user
> </If>
> 
> Is there a way to do something dynamic like this ?
> 
> Thank you for any pointer.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org