On 6/1/07, Liz Kim <[EMAIL PROTECTED]> wrote:
Hello,
I have a question about multi-layered authentication.
Say there are 3 directories A, B and C
/A
/A/B
/A/B/C
1. Users with a login/password or on the <xxx.com > domain to be able to
access A:
<Directory /A>
AuthUserFile a_passwd
AuthType Basic
Require valid-user
order deny,allow
deny from all
allow from xxx.com
Satisfy any
</Directory>
2. ONLY users on domain <yyy.com> are allowed to B:
<Directory /A/B>
order deny,allow
deny from all
allow from yyy.com
</Directory>
3. ONLY users on domain <zzz.com> are allow to C:
<Directory /A/B/C>
order deny,allow
deny from all
allow from zzz.com
</Directory>
It appears that both 2 and 3 are not working correctly. They still prompt
for a login/password acting like a "Satisfy any"...
When I tried to put "Satisfy All" for 2 and 3, even the users coming from an
allowed domain are prompted for a login/passwd.
There is no way to turn require off once it is on.
You can do
Require non-existant-user
in the subdirectories to make sure that nobody can every use a
password to enter. But you'll still get the auth prompt.
The only way around this would be to move the subdirectories to a
different part of the filesystem, and then Alias them back into the
proper place in the webspace. Then the auth directives wouldn't be
inherited.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
