Ok, thanks Brian.
For the log - after a bit of experimentation, the problem I have appears
to be that while you can password-protect a Location, Location
directives are applied after rewrites. So if you have:
ScriptAlias /cgi-bin/ /some/where/cgi-bin/
RewriteRule ^.*$ /cgi-bin/my-cms [QSA,PT,L]
<Location /somepath>
AuthType Basic
....
</Location>
Your Location will never match (because the Location is always
/cgi-bin/my-cms by the time Apache applies the Location to it).
I'll see if I can find a way around this that doesn't involve
implementing basic auth inside the CGI script.
On 26/10/2010 18:07, Brian Hirt wrote:
I don't use htaccess anywhere, but we use things like this in our config that
work just fine. You might want to make sure your Order and Allow are set up to
work correctly.
<Location /somepath>
AuthType Basic
AuthName "Restricted Directory"
AuthUserFile /some/where/user.pass
Require user someuser
</Location>
On Oct 26, 2010, at 9:55 AM, Sacha Varma wrote:
On 19:59, Brian Hirt wrote:
Use<Location> instead of<Directory>
That's the first thing I tried, and was surprised when it didn't work.
The documentation is explicit though, the only valid contexts for the mod_auth
directives are Directory and htaccess:
http://httpd.apache.org/docs/2.0/mod/mod_auth.html
Do you have a working example of doing this via<Location>?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
