On 4/4/06, Boyle Owen <[EMAIL PROTECTED]> wrote: > > -----Original Message----- > > From: toni pérez [mailto:[EMAIL PROTECTED] > > Sent: Montag, 3. April 2006 17:11 > > To: users@httpd.apache.org > > Subject: [EMAIL PROTECTED] uri and location directive > > > > Hi list, > > > > I have got an apache auth_module write in c to apply own requires in > > an own authorization handler, such this: > > > > <Location "/apw5/rme"> > > allow from all > > AuthType CA2 > > require ACL > > Grupo 'RME_usuaris' > > </Location> > > > > <Location "/apw5/"> > > allow from all > > AuthType CA2 > > require USUARIO-VALIDO > > </Location> > > > > When the server receives the url http://myserver/apw5/rme, is the > > second directive "/apw5" instead "/apw5/rme" that do match. > > To add to Joshua's comments about the ordering of directives: > > Are you trying to "nest" authentication realms? That is, the user requests > /apw5 and gets one login prompt, then he requests /apw5/rme and gets a second > prompt? >
this occurs in the authorization level on the apache request loop. the user requests /apw5/rme and gets the require for /apw5 > If so, that certainly won't work with basic authentication and I don't think > it is even possible in HTTP 1.1. I understand that you written your own auth > module to handle the logins but I'm guessing it's just handling the > authorization [test: what is sending the 401 response to an unauthenticated > request?] > > The HTTP 1.1 protocol assumes a single layer of authentication and there is > no syntax for expressing nested authentication realms. Even if you > implemented it somehow in your handler, the problem would then be in the > browser implementation - if you assign an authentication realm to /apw5, the > browser will send credentials for every subsequent request under this (ie, > including /apw5/rme). So even if your handler sends back a 401 for /apw5/rme, > the browser will not know what to do (it sent credentials - why doesn't it > work?). The results will be unpredicatable and browser-dependent. > > Rgds, > Owen Boyle > Disclaimer: Any disclaimer attached to this message may be ignored. > > > > > Why do this? > > > > I need a solution that isn't change the order of directives > > > > thanks, > > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen > Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a > private and personal nature. It is not related to the exchange or business > activities of the SWX Group. Le présent e-mail est un message privé et > personnel, sans rapport avec l'activité boursičre du Groupe SWX. > > > This message is for the named person's use only. It may contain confidential, > proprietary or legally privileged information. No confidentiality or > privilege is waived or lost by any mistransmission. If you receive this > message in error, please notify the sender urgently and then immediately > delete the message and any copies of it from your system. Please also > immediately destroy any hardcopies of the message. You must not, directly or > indirectly, use, disclose, distribute, print, or copy any part of this > message if you are not the intended recipient. The sender's company reserves > the right to monitor all e-mail communications through their networks. Any > views expressed in this message are those of the individual sender, except > where the message states otherwise and the sender is authorised to state them > to be the views of the sender's company. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >