Quantcast
Channel: Active questions tagged config - Stack Overflow
Viewing all articles
Browse latest Browse all 5049

Apache 2.4: is it possible to authenticate a subdirectory independently of parent directory authentication?

$
0
0

After extensive googling, I've found many examples of:

  1. Parent directory is open to public, but subdirectory and/or specific file(s) require(s) authentication
  2. Parent directory requires authentication, but subdirectory and/or specific file(s) are open to the public

These two objectives both seem easier and possible to achieve.

However, I can't seem to find a question, or an answer to how to do the following:

  1. Parent directory authenticates to a group and user password file, while subdirectory authenticates to an independent group and user password file.

Is this possible?


e.g.

given:
/wwwroot/dir
/wwwroot/dir/subdir

httpd.conf:

<Directory "/wwwroot/dir">      Options Indexes SymLinksIfOwnerMatch      AuthType Basic      AuthName "Restricted Files"      AuthBasicProvider file      AuthUserFile /passwd/passwd.users      AuthGroupFile /passwd/groups      Require group some.People</Directory><Directory "/wwwroot/dir/subdir">      Options SymLinksIfOwnerMatch      AuthType Basic      AuthName "Other Restricted Files"      AuthBasicProvider file      AuthUserFile /passwd/passwd.other.users      AuthGroupFile /passwd/other.groups      Require group other.People</Directory>

This doesn't seem to work at all. Users from some.People still have access to /wwwroot/dir/subdir, and users from other.People don't authenticate at all.


I even tried this (which is not really what I want):

httpd.conf:

<Directory "/wwwroot/dir">      Options Indexes SymLinksIfOwnerMatch      AuthType Basic      AuthName "Restricted Files"      AuthBasicProvider file      AuthUserFile /passwd/passwd.users      AuthGroupFile /passwd/groups      Require group some.People other.People</Directory><Directory "/wwwroot/dir/subdir">      Options SymLinksIfOwnerMatch      AuthType Basic      AuthName "Restricted Files"      AuthBasicProvider file      AuthUserFile /passwd/passwd.users      AuthGroupFile /passwd/groups      Require group other.People</Directory>

This is setup with a shared AuthName and shared set of group and user password files. Even if this worked as I conceived it, this is not really what I want, since it would mean that other.People have access to the /wwwroot/dir parent directory. However, even using this setup, I can't get other.People to successfully authenticate in /wwwroot/dir/subdir.


I found a slightly cryptic note in the apache docs that multiple <Directory> directives that apply to the same directory are evaluated in the order that they appear in the config file, so I also tried swapping the two section above around, but that didn't seem to make any difference. There's another note, seemingly contradictory, that <Directory> directives are evaluated in order of shortest path to longest, which seems to me to indicate that /wwwroot/dir will always be processed before /wwwroot/dir/subdir.


Viewing all articles
Browse latest Browse all 5049

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>