Discussion:
Apache password-protect for different subdirectories
Rai Ricafrente
2011-03-14 02:56:40 UTC
Permalink
I am trying to put different passwords for each Apache subdirectory like:

http://mysitehere.com/ (different set of users)
http://mysitehere.com/subA (different set of users)
http://mysitehere.com/subB (yet another set of users)

I configured Apache like:

<VirtualHost *:80>
ServerAdmin ***@mysitehere.com
DocumentRoot /var/www/mysitehere
ServerName mysitehere.com

#This is http://mysitehere.com/
<Directory "/var/www/mysitehere">
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/mysitehere
Require valid-user
Satisfy all
</Directory>

#This is http://mysitehere.com/subA

Alias /subA /var/www/subA

<Directory "/var/www/subA">
AuthType Basic
AuthName "subA Password Required"
AuthUserFile /var/www/passwords/subA
Require valid-user
Satisfy any
</Directory>

</VirtualHost>


It does not work. Am I missing something?

Thanks!

- Rai
_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
Dan Richardson
2011-03-14 03:09:09 UTC
Permalink
G'day,

How did you create the passwd files, htpasswd?

Do any of the protected directories work?

Cheers
Post by Rai Ricafrente
http://mysitehere.com/ (different set of users)
http://mysitehere.com/subA (different set of users)
http://mysitehere.com/subB (yet another set of users)
<VirtualHost *:80>
DocumentRoot /var/www/mysitehere
ServerName mysitehere.com
#This is http://mysitehere.com/
<Directory "/var/www/mysitehere">
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/mysitehere
Require valid-user
Satisfy all
</Directory>
#This is http://mysitehere.com/subA
Alias /subA /var/www/subA
<Directory "/var/www/subA">
AuthType Basic
AuthName "subA Password Required"
AuthUserFile /var/www/passwords/subA
Require valid-user
Satisfy any
</Directory>
</VirtualHost>
It does not work. Am I missing something?
Thanks!
- Rai
_______________________________________________
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
Jim Cheetham
2011-03-14 04:17:52 UTC
Permalink
Post by Rai Ricafrente
It does not work. Am I missing something?
Yes, a description of
* what tests you actually ran
* what you expected to happen for each test
* what actually happened
* any associated error log output

I can see what you are intending, and how you have attempted it,
that's a good start.

Without checking the documentation, I suspect what's happening is that
you cannot "override" the authentication for the parent directory with
a different auth for a subdir, but that's only a first guess.

So, what is actually happening?

-jim

_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
Rai Ricafrente
2011-03-14 23:47:48 UTC
Permalink
Oopps, sorry for the misleading questions and I appreciate your feedbacks.

What was happening when a user tries to access
http://mysitehere.com/subAis he was being asked for the password of
http://mysitehere.com/. The original config file looks like this:


<VirtualHost *:80>
ServerAdmin ***@mysitehere.com
DocumentRoot /var/www/mysitehere
ServerName mysitehere.com

#This is http://mysitehere.com/
<Directory "/var/www/mysitehere">
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/mysitehere
Require valid-user
Satisfy all
</Directory>

#This is http://mysitehere.com/subA
<Directory "/var/www/mysitehere/subA">

AuthType Basic
AuthName "subA Password Required"
AuthUserFile /var/www/passwords/subA
Require valid-user
Satisfy any
</Directory>

</VirtualHost>

The passwords were made using htpasswd. I guess when Apache tries to go to
the subdir of /var/www/mysitehere/subA, it needs to check if the user is
allowed to go to /var/www/mysitehere first, before it descends to the
subdir. But users of http://mysitehere.com/ is different from
http://mysitehere.com/subA, so I used the following config:


<VirtualHost *:80>
ServerAdmin ***@mysitehere.com
DocumentRoot /var/www/mysitehere
ServerName mysitehere.com

#This is http://mysitehere.com/
<Directory "/var/www/mysitehere">
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/mysitehere
Require valid-user
</Directory>

#This is http://mysitehere.com/subA

Alias /subA /var/www/subA

<Directory "/var/www/subA">
AuthType Basic
AuthName "subA Password Required"
AuthUserFile /var/www/passwords/subA
Require valid-user
</Directory>

</VirtualHost>

The subdir was moved outside the parent directory and the alias was added. I
just have to remove the "Satisfy" directive in order for the password to
take effect in the subdir.

Thanks for the help guys :)
Post by Jim Cheetham
Post by Rai Ricafrente
It does not work. Am I missing something?
Yes, a description of
* what tests you actually ran
* what you expected to happen for each test
* what actually happened
* any associated error log output
I can see what you are intending, and how you have attempted it,
that's a good start.
Without checking the documentation, I suspect what's happening is that
you cannot "override" the authentication for the parent directory with
a different auth for a subdir, but that's only a first guess.
So, what is actually happening?
-jim
_______________________________________________
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug

Loading...