Tutorial :How to password control access to all urls except one in apache 2



Question:

I want to password protect all urls on my beta site at the moment. Except one url because it is called by flash and flash can't handle basic auth properly it seems. So i want to disable basic auth for that one url. This is my config in apache. Apache is a proxy for tomcat but that should not matter right ?

<IfModule mod_proxy_ajp.c>  ProxyRequests On  ProxyVia On      <Location /uploader>  Order allow,deny  Allow from all  ProxyPass ajp://localhost:8050/uploader  ProxyPassReverse ajp://localhost:8050/uploader  </Location>      <Location />  Order allow,deny  Allow from all  AuthType Basic  AuthName "Restricted area"  AuthUserFile /etc/apache2/passwd/site-access  Require valid-user  ProxyPass ajp://localhost:8050/  ProxyPassReverse ajp://localhost:8050/  </Location>    </IfModule>  

SO my thinking is that if http://www.example.com/uploader is called then the first location config is should be matched and no auth is required.

This does not seem to work i always get asked for auth. Any ideas ?

regards Peter Delahunty


Solution:1

Add Satisfy Any to the uploader location:

<Location /uploader>  Order allow,deny  Satisfy Any  Allow from all  ProxyPass ajp://localhost:8050/uploader  ProxyPassReverse ajp://localhost:8050/uploader  </Location>  

This is documented in the Apache docs, but under the description of the Require directive.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »