Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by ChrisPepper: http://wiki.apache.org/httpd/Recipes/BypassAuthenticationOrAuthorizationRequirements The comment on the change is: Please review Order/Allow/Deny directives -- I believe they're fixed. + tweaks. ------------------------------------------------------------------------------ ## page was renamed from Recipies/BypassAuthenticationOrAuthorizationRequirements = Bypass Authentication Or Access Requirements = - The '''Satisfy''' directive controls how ''Authentication'' directives (used for password protection) and ''access'' directives (eg, Allow/Deny) interact with each other. You can instruct your Apache Server to allow requests if ''either'' authentication ''or'' access requirements are met. Or you can insist that ''all'' criteria are met before allowing the request. + The '''Satisfy''' directive controls how ''Authentication'' directives (used for password protection) and ''access'' directives (e.g. Allow/Deny) interact with each other. You can instruct your Apache server to allow requests if ''either'' authentication ''or'' access requirements are met. Or you can insist that ''all'' criteria are met before allowing the request. Satisfy comes with two options: @@ -28, +28 @@ AuthType Basic AuthName MySite Require valid-user + Order allow,deny Allow from 172.17.10 Satisfy any </Directory> }}} This will force everyone from the outside to authenticate, but those coming from the LAN IP range would not be required to do so. Apache will let them access the directory without authenticating. - This will also work with a subdirectory in your protected directory. Let's say, you have a subdirectory in ''private'' called ''noprotect'' that you want to allow everyone access to without being prompted for credentials. You could do this: + This will also work with a subdirectory in your protected directory. Let's say you have a subdirectory in ''private'' called ''noprotect'' that you want to allow everyone access to without being prompted for credentials. You could do this: {{{<Directory /home/www/site1/private/noprotect> Order allow,deny @@ -51, +52 @@ AuthName MySite Require valid-user - Order deny,allow + Order allow,deny Allow from 172.17.10 Satisfy all </Directory> @@ -59, +60 @@ In this above example, the "Order deny,allow" line blocks access by default, the "Allow" directive allows the LAN and the "Satisfy all" directive requires both LAN and password. - See the Apache Docs For further information on the [http://httpd.apache.org/docs/2.2/mod/core.html#satisfy Satisfy] directive. + See the Apache Docs for further information on the [http://httpd.apache.org/docs/2.2/mod/core.html#satisfy Satisfy] directive.
