Apache Authentication – Apache .htaccess Trick to Authenticate Only Once for All Subdomains

.htaccessapache-2.2authenticationsubdomain

I'm using something like this in .htaccess file to restrict access to the website:

AuthUserFile /some/directory/.passwd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require valid-user

This works fine but the user is asked to authenticate each time a subdomain is changed, like user1.mywebsite.com, user2.mywebsite.com or just mywebsite.com

Is there a way to tell Apache2 that when a user is authenticated against one subdomain, it should grant him access to all others as well?

Best Answer

Not possible; you can use a single .htaccess file to grant access to anything in your directory tree with the same credentials, but authentication is required for each unique subdomain.

As Benny points out, you'll need session-based authentication in some form to accomplish this.

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

Debian – Apache + LDAP Auth: access to / failed, reason: require directives present and no Authoritative handler

Your 'Require' line reads

Require ldap-group cn=CHANGED, cn=CHANGED

That doesn't look write - I don't believe you can have have two cn's in a DN like that.

Best Answer

Related Solutions

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

Debian – Apache + LDAP Auth: access to / failed, reason: require directives present and no Authoritative handler

Related Topic