Eric Covener wrote:
On Thu, Jan 15, 2009 at 9:09 AM, Brian Mearns <[email protected]> wrote:
The only thing I can think of is reversing the orders of the Location
tags, i.e., have the more global one come first.
I know OP reported that this failed, but I think this is the route to pursue.
Did you try "AuthType none" in the sub-location ?
I think I remember having this same kind of issue before, and to have
found that the problem is that an authentication method is always
"inherited" from the parent dir/location, unless specifically overridden
by a new one.
I can think of a rather clumsy way of overcoming this, roughly as
follows (not tried, but maybe worth a try).
Say you currently have something like this :
directory structure :
/var/www/docs/* (must stay protected)
/var/www/docs/unp/... (stuff to unprotect)
DocumentRoot /var/www/docs
<Location />
(protected)
</location>
<Location /unp>
(would like to unprotect, but currently does not work)
</Location>
Then you could change this as follows :
directory structure :
/var/www/docs/unp/* (stuff to unprotect)
/var/www/docs/prot/* (everything else, must stay protected)
and nothing in /var/www/docs itself apart from the above.
DocumentRoot /var/www/docs
RewriteCond %{REQUEST_URI} !^/unp/
RewriteRule ^/(.*)$ /prot/$1 [PT]
<Directory /prot>
AuthType Basic
....
</Directory>
<Directory /unp>
(no auth)
</Directory>
The idea would be to catch all requests not starting with "/unp/", and
re-writing these to "/prot/*". They would then fall under the later
Auth, while the /unp/ ones would not.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
