[users@httpd] How to allow a directory and don't allow a sub-directory?

Mark jensen Tue, 22 Jul 2014 08:22:19 -0700

I want to allow a directory " /var/www/html/ldap" to two users according to IPs 
(192.168.1.2 192.168.1.7):


<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>

but I don't want to allow a sub directory to 192.168.1.7 (I want it to be 
allowed only to 192.168.1.2):

I have tried to add:

<Directory /var/www/html/ldap//manager>
      Order allow,deny
      Allow from 192.168.1.2
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>

but it seems that 192.168.1.7 can reach to manager directory  because it is a 
part of ldap directory, how can I forbid this?

[users@httpd] How to allow a directory and don't allow a sub-directory?

Reply via email to