Is it possible to protect an entire site, from DocumentRoot, using AuthCookie?
I have tried to configured it today, using my subclass of AuthCookieDBI:
- If I have all of the protected files in Location blocks under Document root, all
is fine.
- If I try to protect Location /, then it appears
George Valpak wrote:
Is it possible to protect an entire site, from DocumentRoot, using AuthCookie?
Yes. I've never done this myself personally, but people have reported
success doing this. The trick is to configure apache so that your LOGIN
handler is not inside the authentication realm.