Greetings Michael!
What should work is the following:
<Directory /var/www/localhost/htdocs>
deny from all
allow from 10.0.0.72
AuthName "MailSource UK Intranet Zone, authentication required"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLEnable on
AuthMySQLUser xxxxxxx
AuthMySQLPassword xxxxxxx
AuthMySQLDB auth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
Require group user admin
satisfy any
</directory>
William Paredes
Computer Based education
Albert Einstein College of Medicine
Bronx, New York USA
Michael Luff wrote:
Hi Elaine,
Many thanks for the help, I’ve now got:
<Directory /var/www/localhost/htdocs>
AuthName "MailSource UK Intranet Zone, authentication required"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLEnable on
AuthMySQLUser xxxxxxx
AuthMySQLPassword xxxxxxx
AuthMySQLDB auth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
# This next line controls which group(s) can access the resource
AllowOverride none
Require group user admin
Order allow,deny
Allow from 10.0.0.72
Satisfy Any
</Directory>
But now anyone can access it, not just the IUP address I’ve specified!
I can’t seem to get around this all or nothing problem.
Can you see anything I’ve done wrong?
Regards,
Michael.
*From:* elaine [mailto:[EMAIL PROTECTED]
*Sent:* 19 July 2006 13:49
*To:* users@httpd.apache.org
*Subject:* Re: [EMAIL PROTECTED] mod_auth_mysql
Michael,
Try to use the "allow" and "satisfy" directives.
This is an example, that we use to protect our intranet access :
(Note that the IP's and server name were modified, and we use the deny
directive
to refuse connections from reception kiosk.)
<Limit GET PUT POST>
# Allow access only to authenticated users from MySQL
# or users that are in the intranet
# (except IP xx.xx.xx.xx : reception kiosk)
require valid-user
Order allow,deny
Deny from xxx.xxx.xx.x
# Allow access from our internal network without
# username and password
Allow from example.com
Satisfy any
</Limit>
You can read more details about Satisfy directive :
http://httpd.apache.org/docs/2.2/mod/core.html#satisfy
Regards,
Elaine
Michael Luff wrote:
Hi All,
I’ve got mod_auth_mysql working nicely but I would like the users on
my internal network not to have to enter a username and password, just
people accessing from outside.
I’ve tried various solutions using Order deny,allow; allow from and so
forth but with no luck, I end up with everyone being prompted or no-one.
Here’s my unmodified <Directory> command from my httpd.conf that
requires everyone to supply a password, can anyone suggest how I can
modify it to allow access from 10.0.0?
<Directory /var/www/localhost/htdocs>
AuthName "authentication required"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLEnable on
AuthMySQLUser xxxxxx
AuthMySQLPassword xxxxxxx
AuthMySQLDB auth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
# This next line controls which group(s) can access the resource
require group user admin
</Directory>
Regards,
*Michael Luff** *MSc B.Eng (Hons) MIET*
**Facilities & Systems Manager *
T: +44 (0)20 8614 7604
F: +44 (0)20 8614 7601
M: +44 (0)7976 404956
E: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
*MailSource UK Limited *
- Europe's leading specialist in integrated document delivery solutions
- Holders of the RoSPA Health & Safety Gold Medal 2006/2007
Northumberland House
15 Petersham Road
Richmond-upon-Thames
Surrey TW10 6TP
*www.mailsource.co.uk <http://www.mailsource.co.uk/>*
*MailSource UK Limited *
- Europe's leading specialist in integrated document delivery solutions
- Holders of the RoSPA Health & Safety Gold Medal 2006/2007
Northumberland House
15 Petersham Road
Richmond-upon-Thames
Surrey TW10 6TP
*www.mailsource.co.uk <http://www.mailsource.co.uk/>*
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
