I have a problem where authorisation behaves differently when a rewrite rule is moved from the main configuration to an .htaccess file. Any advice appreciated.

The site looks like this:

$ tree /var/www5
/var/www5
|-- dir1
    |-- test1.html
|-- dir2
|   |-- test2.html
|-- index.html
|-- passwords

I want the site to default to requiring a login, except that dir1/test1.html should be readable by anybody. There's a complication, which is that a rewrite rule sets the home page to dir1/test1.html, rather than index.html. So the expected HTTP status codes are:

http://localhost/                 200 (because of the rewrite)
http://localhost/index.html       401
http://localhost/dir1/test1.html  200
http://localhost/dir2/test2.html  401

This configuration works exactly as expected:

<VirtualHost *:80>
  DocumentRoot /var/www5

  <Location />
    AuthType Basic
    AuthName Test
    AuthBasicProvider file
    AuthUserFile "/var/www5/passwords"
    Require  valid-user
  </Location>

  <Directory /var/www5/dir1>
    <If true>
      Require all granted
    </If>
  </Directory>

  RewriteEngine On
  RewriteRule ^(/)?$ /dir1/test1.html [L]
</VirtualHost>

Ok, here's the problem: I actually need to move the rewrite out to an .htaccess file, so I've moved the RewriteEngine and RewriteRule lines out to /var/www5/.htaccess. The new configuration file looks like:

<VirtualHost *:80>
  DocumentRoot /var/www5

  <Location />
    AuthType Basic
    AuthName Test
    AuthBasicProvider file
    AuthUserFile "/var/www5/passwords"
    Require  valid-user
  </Location>

  <Directory /var/www5>
    AllowOverride All
  </Directory>

  <Directory /var/www5/dir1>
    <If true>
      Require all granted
    </If>
  </Directory>
</VirtualHost>

This *doesn't* work. What I get now is:

http://localhost/                 401
http://localhost/index.html       401
http://localhost/dir1/test1.html  200
http://localhost/dir2/test2.html  401

I now have to log in to visit http://localhost/. The rewrite does work; if I log in, I get the dir1/test1.html page.

Thanks.

Reply via email to