DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14726>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14726 satisfy directive scope problem? Summary: satisfy directive scope problem? Product: Apache httpd-2.0 Version: 2.0.43 Platform: Sun OS/Version: Solaris Status: NEW Severity: Blocker Priority: Other Component: Core AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] I set up a server script directory called /bug containing the attached .htaccess file and script, test.cgi. In this configuration, GETing and POSTing /bug/test.cgi both require authentication. If the order of the Limit directives is reversed, neither requires authentication. Should the "satisfy all" and "satisfy any" directives be limited to the scope of the respective Limit directives? This setup is just to demonstrate the problem and not what I actually want to achieve. ------------------------ .htaccess ---------------------------------- AuthType Basic AuthName Basic AuthUserFile /usr/local/apache2/htaccess/htpasswd AuthGroupFile /usr/local/apache2/htaccess/htgroup <Limit GET> satisfy any allow from all require valid-user </Limit> <Limit POST> satisfy all allow from all require valid-user </Limit> ---------------------- test.cgi ------------------------- #!/bin/sh cat <<EOD Content-type: text/html Hello! <p> <form action="/bug/test.cgi" method="post"> <input type="submit"> </form> EOD ------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
