Hello there,
I'm now confused about how authentication with .htaccess on Apache is
implemented. Suppose that I got two directories, /home/Anderson/public_html/
and /home/A/B/, and they are all defined almost identically in httpd.conf :
<Directory /home/*/public_html>
Options FollowSymLinks MultiViews
AllowOverride Limit Options FileInfo AuthConfig
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
<Directory /home/A/*>
(...... Same as above)
</Directory>
The only difference maybe is that /home/A/B is a VirtualHost(www.ABC.org).
Now I am planning to authenticate my users by usernamd and password controlled
by LDAP if they are not connecting with a specific IP I indicate. When I put my
.htaccess under /home/Anderson/public_html/ and /home/A/B/, it seems that only
the one under /home/Anderson/public_html/ works. While I try to access
www.ABC.org, all of the authenticative function is invaild and users are
permitted to view my page without any restriction. Here is my .htaccess :
AuthName "Login or Kick Your Ass !"
AuthLDAPUrl ldap://www.xxx.org/......
AuthType Basic
<Limit GET POST>
Order deny,allow
Deny from all
Allow from 10.0.0.1
require user Arthas Thrall Jaina
Satisfy any
</Limit>
Was there any mistake I made during my configuring or something I missed
here? Anyway, thanks for the patience of your reading.
Thanks,
Anderson
--
Trust & Unique ...
Axacheng's PGP Public Key http://www.navigation.idv.tw/pgpkey
