On 8/23/06, Jignesh Badani <[EMAIL PROTECTED]> wrote:
Hello all, let me try again.
I have the following restriction in place:
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
SetEnvIf COOKIE ^XSESSION let_xuser_in
<Location />
Order Deny,Allow
Deny from all
Allow from env=let_10161_in
Allow from env=let_xuser_in
</Location>
It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
Also it allows users who have a Cookie "XSESSION" gets in.
Now, how do I combine them such that only users with both the conditions
set can get in or otherwise Deny access.
Meaning, a user has to come from 10.161 and also needs to have a XSESSION
cookie set inorder to get access.
Can I form such an expression in SetEnvIf ? If so how ?
# This next line always matches
SetEnvIf Remote_Addr . let_10161=0
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1
SetEnvIf COOKIE ^XSESSION let_xuser_in
SetEnvIf let_10161_in ^0$ !let_xuser_in
Allow from env=let_xuser_in
You can write it in a less obtuse way if you use mod_rewrite.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
