On 05/23/2012 06:58 AM, Richard Davies wrote:
Eric Covener wrote:
?Require<auth_username=root_directory_name>
Or alternatively, a way for me to have "Require valid-user", but then
somehow prevent users from accessing directories other than their own?
(even with a hack like rewrite rules?)
There is a shortcut if the those names are system users and they
actually own their directories:
http://httpd.apache.org/docs/2.2/mod/mod_authz_owner.html
Unfortunately, they aren't - they're just entries in an htdigest file.
Richard.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
You might be able to use mod-auth-external along with LocationMatch. I
haven't used mod-auth-external, but it looks like it could work:
<LocationMatch "/var/www/.*">
#mod-auth-external <http://code.google.com/p/mod-auth-external/>
directives that call a custom script
</LocationMatch>
Then write a script that makes sure the username/password checks out and
also makes sure the URI is within that user's directory.
http://code.google.com/p/mod-auth-external/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org