2009/6/9 Francesc Romà i Frigolé
<[email protected]<francesc.roma%[email protected]>
>
> I'm trying the new feature $c->req->remote_user introduced in 5.80005. I'd
> like to know if it is possible to tell apache, in a .htaccess file, to not
> ask authentication for a certain set of URIs (for example matching /public/)
>
> I'm on a shared account in asmallorange.com ( apache 1.3.41). I'm using
> fastcgi.
>
I found a workaround for this scenario. Instead of setting up fastcgi in
.haccess at the root of the application, I make two different directories
for public and private, with different authentication rules. My directory
structure is like this
public_html/myapp/static (soft link to MyApp/static)
public_html/myapp/public
public_html/myapp/public/script (soft link to MyApp/script)
public_html/myapp/private
public_html/myapp/private/script (soft link to MyApp/script)
The .htaccess in the public directory is like this
AddHandler fastcgi-script .pl
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ script/myapp_fastcgi.pl/public/$1 [QSA,L]
Similarly in the private directory:
AddHandler fastcgi-script .pl
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ script/myapp_fastcgi.pl/private/$1 [QSA,L]
Auth stuf [...]
Also, in the static directory I could leave some things public ( css,
javascript, icons...) but make other private ( uploads, reports, ...) by
placing a .htaccess file requiring authentication in each corresponding
directory.
It's not a very flexible or elegant approach, but it seems to work.
Regards,
Francesc
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
