httpd-wiki-changes mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpd Wiki] Update of "Recipies/BypassAuthenticationOrAuthorizationRequirements" by pctony
Date Mon, 16 Oct 2006 22:33:02 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The following page has been changed by pctony:
http://wiki.apache.org/httpd/Recipies/BypassAuthenticationOrAuthorizationRequirements

The comment on the change is:
copied from ebp-moin

New page:
= Bypass Authentication Or Authorization Requirements =
With satisfy you can instruct your Apache Server to bypass either authentication or authorization
requirements that are currently configured.  [[BR]] Or to ensure that all criteria  are met
satisfactorily before allowing the connection any further.

Satisfy comes with two options:

 * '''Satisfy Any''' will allow Apache to bypass one of the requirements.
 
[[BR]] [[BR]] For the rest of this recipie lets set an example scenario.

{{{
<Directory /home/www/site1/private>
  AuthUserFile /home/www/site1-passwd
  AuthType Basic
  AuthName MySite
  Require valid-user
</Directory>
}}}
With this configuration, your users will be required to authenicate as normal.

But lets say for example you want people from your LAN to have full access, without being
prompted for a password.  In this scenario we could use:

{{{
<Directory /home/www/site1/private>
  AuthUserFile /home/www/site1-passwd
  AuthType Basic
  AuthName MySite
  Require valid-user
  Allow from 172.17.10
  Satisfy Any
</Directory>
}}}
This will basically force everyone from the outside to authenticate, but those coming from
the LAN IP range would not be required to do so.  [[BR]] Apache will let them access the directory,
with authenticating.

This will also work with a subdirectory in your protected directory. Let's say, you have a
subdirectory in private called noprotect that you want to allow everyone access without being
prompted for a credentials. You could do this:

{{{<Directory /home/www/site1/private/noprotect>
  Order allow,deny
  Allow from all
  Satisfy any
</Directory>
}}}

For further information on the satisfy directive, see the Apache Doc for it [http://httpd.apache.org/docs/2.2/mod/core.html#satisfy
here]

Mime
View raw message