Hi,
I have a WebDAV directory (apache httpd 2.2.8; Ubuntu 8.04)
with an .ics file in it. The .ics file is used with Thunderbird Lightning.
Authorization is configured in an .htaccess file in the directory as
follows:
AuthBasicProvider file
AuthType Basic
Authname "name"
AuthUserFile /path/to/file
Require valid-user
<LimitExcept GET OPTIONS>
Require user foo
</LimitExcept>
The auth file includes two users
foo and bar.
If I authenticate in Lightning as bar I get all the rights! I can send
even PUT and PROPFIND http commands. But <LimitExcept GET OPTIONS>
should prevend user bar from changing (PUT) the file, doesn't it?
For both users foo and bar it works just the same.
If I use an additional <Limit GET> section for valid-users, it works.
Where is my fault?
Marc
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
