On Mon, Feb 29, 2016 at 09:53:33AM -0500, Rich Bowen wrote: > That example predates the <requireall> directive, so, yeah, there's a good > chance it's wrong. Did you try it?
Yes, see the test flow attached. So in case <RequireAll> is missing, file can be created by everyone, even if this should be forbidden if I understand correctly what the example should show. In the 2.2 doc, the Satisfy all is not needed as it is the default, isn't it? Petr
:/tmp/apache-test-test # cat httpd.conf ServerName test User abuild Group abuild Listen 60080 PidFile /tmp/apache-test-test/pid ErrorLog /tmp/apache-test-test/error_log LoadModule dir_module /usr/lib64/apache2-prefork/mod_dir.so LoadModule auth_basic_module /usr/lib64/apache2-prefork/mod_auth_basic.so LoadModule authz_core_module /usr/lib64/apache2-prefork/mod_authz_core.so LoadModule authz_host_module /usr/lib64/apache2-prefork/mod_authz_host.so LoadModule dav_module /usr/lib64/apache2/mod_dav.so LoadModule dav_fs_module /usr/lib64/apache2/mod_dav_fs.so LoadModule authn_file_module /usr/lib64/apache2/mod_authn_file.so LoadModule authz_user_module /usr/lib64/apache2/mod_authz_user.so LoadModule authn_core_module /usr/lib64/apache2/mod_authn_core.so DocumentRoot /tmp/apache-test-test/htdocs DirectoryIndex index.html DavLockDB /tmp/apache-test-test/dav.lockdb # http://httpd.apache.org/docs/current/mod/mod_dav.html#example <Directory "/tmp/apache-test-test/htdocs/dav"> Dav On # user authorization is not required for dav function AuthType Basic AuthName "DAV realm" AuthUserFile "/tmp/apache-test-test/password-file" <RequireAll> Require all granted <LimitExcept GET POST PROPFIND> Require user admin </LimitExcept> </RequireAll> </Directory> :/tmp/apache-test-test # httpd -f $PWD/httpd.conf -k restart :/tmp/apache-test-test # curl -s --upload-file welcome.html http://localhost:60080/dav/welcome.html | grep '201\|401' <title>401 Unauthorized</title> :/tmp/apache-test-test # curl -s -u admin:StrongAdminPassword --upload-file welcome.html http://localhost:60080/dav/welcome.html | grep '201\|401' <title>201 Created</title> :/tmp/apache-test-test # When I remove <RequireAll> container, I get: :/tmp/apache-test-test # httpd -f $PWD/httpd.conf -k restart :/tmp/apache-test-test # curl -s --upload-file welcome.html http://localhost:60080/dav/welcome.html | grep '201\|401' <title>201 Created</title> :/tmp/apache-test-test #
--------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
