I can't figure out how to accomplish the following access permissions.
- https://www.example.org/projects/ maps to /var/www/projects/
- The projects folder has access restrictions, only valid-users may view
/projects or subdirectories
- All valid-users may view (the autoindex of) /projects
- By default, no one may view any subdirectory, unless it is explicitly
enabled (e.g. by a "require group mygroup")
I attempted to accomplish this with:
<Directory "/var/www/projects/">
AuthName "My projects"
AuthType Digest
AuthDigestDomain /projects/ https://www.example.org/projects/
AuthDigestProvider file
AuthUserFile /etc/apache2/users.dav
AuthGroupFile /etc/apache2/groups.dav
Require valid-user
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory ~ "^/var/www/projects/$">
Allow from all
</Directory>
<Directory "/var/www/projects/myproject1/">
Allow from all
Require group mygroup1
</Directory>
The first and last Directory directive seem to work fine, but the middle
<Directory ~ "^/var/www/projects/$"> never seem to match. At least, I
get a 403 Forbidden when accesssing https://www.example.org/projects/.
If I replace this directive with a <Directory ~ "^/var/www/projects/">
(thus removing the $), I get a autoindex of /projects, but obviously
also of subdirectories, which is not what I want.
I also tried <Directory ~ "^/var/www/projects$"> and <Location ~
"^/projects/$">, but that all gives a 403 Forbidden.
I have the feelings I'm missing something obvious here. I'm using Apache
2.2.9 on Debian Lenny.
How could I make this work?
Regards,
Freek Dijkstra
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
