Scott Brady wrote:
That worked (I had to put the "/public/" before the "/"
and remove the trailing slash in "/public/", but it worked).
Just to nitpick a bit :
The fact that you are using mod_SSPI leads me to believe you are running
Apache on a Windows host.
In that case, you should read this document carefully :
http://httpd.apache.org/docs/2.2/mod/core.html#location
and particularly reflect on this paragraph :
<Location> sections operate completely outside the filesystem. This has
several consequences. Most importantly, <Location> directives should
not be used to control access to filesystem locations. Since several
different URLs may map to the same filesystem location, such access
controls may by circumvented.
What that means is explained more completely here :
http://httpd.apache.org/docs/2.2/sections.html
in the section "What to use When".
If that is still not entirely clear, here is a summary :
- the Windows filesystem, in terms of locatiing directories and
filenames, is case-insensitive. In other words, "/dir" and "/DIR" and
"/Dir" all lead to same place.
- the Apache <Location> directive applies to the URL, and IS
case-sensitive. In that case, "/public" and "/PUBLIC" are 2 different URLs.
So your section
<Location /public>
applies only to browser requests that come in as
"http://yourhost/public";. It does not apply if a request comes as
"http://yourhost/PUBLIC";, although for both URLs, Apache will server the
content of the same disk directory.
In your specific case, it does not really matter, because your intention
is to release the security for your "public" directory, compared to the
rest of the site.
But don't do the same for a "secret" part of your site.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
