Roman Medina-Heigl Hernandez wrote:
Hello,
I'm working on an ISP/Hosting environment and I'm having trouble to figure
out how to solve a problem which (I think) involves mixing several
modules/concepts:
- pages should be protected with basic-auth where user database should
reside on MySQL (mod_authn_dbd). The mysql table basically contains 3
fields: user, password and path
- pages should be rewritten (mod_rewrite) based on authenticated user *and*
the path associated to that user.
So for instance, accesing to http://isp/stats/ should:
1.- Ask for user/pass
2.- If the user exists in MySQL table (and password is ok), the path
(associated to that user) should be retrieved from the same table. Let's
say we have user "Tom" with path "/home/Tom".
3.- Finally Apache should serve /home/Tom/stats/.
Is this achievable?
It may not be possible to do what you want. Apache locates the file to serve before deciding
whether to prompt for authentication.
For example: even if authentication is required for /home - there may be "Satisfy Any" and "Allow
from all" directives for /home/Mary. If the "AllowOverride AuthConfig" directive is specified -
there might be a .htaccess file in /home/Mary which prevents authentication from being needed.
In either case, access to /home/Mary doesn't require authentication, and
shouldn't prompt for it.
This is why the steps are:
1.) determine the file Apache should serve
2.) decide if authentication is needed for this file, based on its directory or parent directories,
or directives contained in <Location>, <Files>, .htaccess, etc.
3.) prompt for authentication only if it is needed
It's a catch-22 to require the results of authentication to determine which
file to serve.
You might say "I don't do any of those things which prevent authentication" - but it is not easy for
Apache to consider in advance all the possibilities that "http://isp/stats/ " might get re-written
to, and then check that there are none of "those things" for any of them before prompting a user for
authentication.
-tom-
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
