Apache authentication for multiple directories

apache-2.2

I've website running in apache 2.2.3. Root directory of website contains three directories. I want to setup authentication for these directories as below

only user1 can browse all pages
user2 can only access mydomain.com/dir1/
user3 can only access mydomain.com/dir2/
user4 can only access mydomain.com/dir3/

I've tried below configuration but only user1 can browse website other users are unable to access website.

<directory /var/www/html/example>
        AuthUserFile /etc/httpd/user1-htpasswd
        AuthName "Resricted"
        AuthType Basic
        Require user user1
</directory>

<directory /var/www/html/example/dir1/>
        AuthUserFile /etc/httpd/user2-htpasswd
        AuthName "Resricted"
        AuthType Basic
        Require user user2
</directory>

<directory /var/www/html/example/dir2/>
        AuthUserFile /etc/httpd/user3-htpasswd
        AuthName "Resricted"
        AuthType Basic
        Require user user3
</directory>

Please guide me for the same. Thanks in advance.

Best Answer

It should work if you put all your users login info in one passwd file and then do something like this (untested)

<directory /var/www/html/example/dir1/>
        AuthUserFile /etc/httpd/users-htpasswd
        AuthName "Resricted"
        AuthType Basic
        Require user user1
        Require user user2
</directory>

<directory /var/www/html/example/dir2/>
        AuthUserFile /etc/httpd/users-htpasswd
        AuthName "Resricted"
        AuthType Basic
        Require user user1
        Require user user3
</directory>

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

Ssl – Django running on Apache+WSGI and apache SSL proxying

My solution thanks to Graham:



<Location /dirname>
    SSLVerifyClient      none
    SSLOptions           +FakeBasicAuth
    SSLRequireSSL
    AuthName             "name Authentication"
    AuthType             Basic
    AuthUserFile         /etc/httpd/stuff.passwd
    require              valid-user

    RequestHeader set X-Url-Scheme https


</Location>

ProxyPass /dirname http://django.test/dirname
ProxyPassReverse /dirname http://django.test/dirname

On django.test I added this :

 SetEnvIf X-Url-Scheme https HTTPS=1

after

  WSGIScriptAlias /dirname /path_to_wsgi_script/django.wsgi

Best Answer

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

Ssl – Django running on Apache+WSGI and apache SSL proxying

Related Topic