I am trying to authenticate users for all URLs except for a regular expression:
https://www.example.com/****anything****
should request authentication
https://www.example.com/exams/****anything****
should NOT request authentication
This is my config today but it is not working:
<LocationMatch "^/exams">
Order allow,deny
Allow from all
</LocationMatch>
<Location "/">
Order allow,deny
Allow from all
AuthType Basic
AuthName "PLEASE,AUTHENTICATE"
AuthBasicProvider ldap-employees
Require valid-user
</Location>
It asks authentication for every URL
Best Answer
I think you can accomplish this if you have
mod_authz_host
andmod_rewrite
. Basically set an environment variable if the URL matches /exams and look for that and if it's set allow access. See the example below. In this example you would not have the additional<Location>
tag.http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow