Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by pctony: http://wiki.apache.org/httpd/Recipies/BypassAuthenticationOrAuthorizationRequirements The comment on the change is: copied from ebp-moin New page: = Bypass Authentication Or Authorization Requirements = With satisfy you can instruct your Apache Server to bypass either authentication or authorization requirements that are currently configured. [[BR]] Or to ensure that all criteria are met satisfactorily before allowing the connection any further. Satisfy comes with two options: * '''Satisfy Any''' will allow Apache to bypass one of the requirements. [[BR]] [[BR]] For the rest of this recipie lets set an example scenario. {{{ <Directory /home/www/site1/private> AuthUserFile /home/www/site1-passwd AuthType Basic AuthName MySite Require valid-user </Directory> }}} With this configuration, your users will be required to authenicate as normal. But lets say for example you want people from your LAN to have full access, without being prompted for a password. In this scenario we could use: {{{ <Directory /home/www/site1/private> AuthUserFile /home/www/site1-passwd AuthType Basic AuthName MySite Require valid-user Allow from 172.17.10 Satisfy Any </Directory> }}} This will basically force everyone from the outside to authenticate, but those coming from the LAN IP range would not be required to do so. [[BR]] Apache will let them access the directory, with authenticating. This will also work with a subdirectory in your protected directory. Let's say, you have a subdirectory in private called noprotect that you want to allow everyone access without being prompted for a credentials. You could do this: {{{<Directory /home/www/site1/private/noprotect> Order allow,deny Allow from all Satisfy any </Directory> }}} For further information on the satisfy directive, see the Apache Doc for it [http://httpd.apache.org/docs/2.2/mod/core.html#satisfy here]
