Solved

excluding a path from Basic authentication

Posted on 2007-04-04
8
427 Views
Last Modified: 2010-08-05
I have a directive that i use to add password protection to the following director in apache:
http://servername/context/

in the directive i am only defining /context/

But i want to exclude the password protection when a user accesses a page in the following context that is contained in the secured context:
http://servername/context/sercure

the reason for this requirement is that all traffic to http://servername/context/sercure is then redirected via https and this is seen as a second session to apache and therefore asks for the user to authenticate again.

W
0
Comment
Question by:willa666
  • 3
  • 3
  • 2
8 Comments
 
LVL 27

Expert Comment

by:Nopius
ID: 18855639
> the reason for this requirement is that all traffic to http://servername/context/sercure is then redirected via https and this is seen as a second session to apache and therefore asks for the user to authenticate again.

This problem was discussed before and it has solution for 'Digest' authentication. http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Apache/Q_21874291.html

So if it's not a problem I recommend you to switch from 'Basic' to 'Digest' and use this feature with this apache directive:

AuthDigestDomain http://servername/context/ https://servername/context/

If you insist on Basic (which is insecure and all passwords goes throuth the Internet in cleartext), you may change context/secure/.htaccess to allow access without any authentication with following 2 options:

Allow from all
Satisfy Any

You need to test it.
0
 
LVL 15

Expert Comment

by:samri
ID: 18856546
0
 
LVL 1

Author Comment

by:willa666
ID: 18856790
Nopius:
 this is a separate issue. before we had the sessions skipping from one web server to another. we have worked around this and now we have this issue. AuthDigestDomain is not a viable solution for this issue.

samri:
 do you think that adding another unrestricted security directed will work?
0
 
LVL 1

Author Comment

by:willa666
ID: 18856805
samri:
 i will try it out and see what happens

Nopius:
 Is AuthDigestDomain still an experimental plug in?
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 27

Expert Comment

by:Nopius
ID: 18857120
Yes, mod_auth_digest is still experimental in Apache,
but Digest authentication type supported in most browsers (see notes in apache docs for MSIE).

Some of directives are not implemented yet or implemented partially (not AuthDigestDomai).
0
 
LVL 15

Expert Comment

by:samri
ID: 18858253
willa666,

go ahead and give it a shot. I personally would go for a simple solution that works.  However, the new authentication scheme like mod_auth_digest would be a plus to explore.

give it a shot and share with us the result.

cheers.
0
 
LVL 1

Author Comment

by:willa666
ID: 18859464
I have tried it but i am using location match rather then directory

<LocationMatch "/context">
      SetHandler weblogic-handler
  AllowOverride AuthConfig
  AuthType Basic
  AuthName " NCL web application(s)"
  AuthUserFile /etc/httpd/conf/users
  Require user Usr1 Usr2

</LocationMatch>

<LocationMatch "/context/sercure">
        SetHandler weblogic-handler
    Options Indexes
    Order allow,deny
    Allow from all
</LocationMatch>

any ideas?
0
 
LVL 27

Accepted Solution

by:
Nopius earned 500 total points
ID: 18861858
<LocationMatch "/context/sercure">
        SetHandler weblogic-handler
    Options Indexes
    Order allow,deny
    Allow from all
    Satisfy any
</LocationMatch>
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
slow web access in oversea location 3 35
Need help with htaccess file 10 52
file path 14 63
Setting up a WAMP server... 7 50
In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now