How to accomplish “AuthType None” in Apache 2.2

时光总嘲笑我的痴心妄想 提交于 2019-12-17 23:01:50

问题


http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#authtype talks about "AuthType None", and has an awesome example of exactly what I need to do - unfortunately, it appears to be new to 2.3/2.4. Is there any equivalent feature in 2.2?

The authentication type None disables authentication. When authentication is enabled, it is normally inherited by each subsequent configuration section, unless a different authentication type is specified. If no authentication is desired for a subsection of an authenticated section, the authentication type None may be used; in the following example, clients may access the /www/docs/public directory without authenticating:

<Directory /www/docs> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>

<Directory /www/docs/public>
AuthType None
Require all granted
</Directory>

回答1:


Something like below works for me with apache 2.2. I took it from http://httpd.apache.org/docs/2.2/mod/core.html#require

<Directory /www/docs>
    AuthType Basic
    AuthName Documents
    AuthBasicProvider file
    AuthUserFile /usr/local/apache/passwd/passwords
    Require valid-user 
</Directory>
<Directory /www/docs/public>
    # All access controls and authentication are disabled
    # in this directory
    Satisfy Any
    Allow from all
</Directory>



回答2:


You just need to set Allow from all and Satisfy Any

This worked for me:

Alias /example "/opt/example.com"

<Directory "/opt/example.com">
  Options None
  AllowOverride None
  Order allow,deny
  Allow from all
  Satisfy Any
</Directory>



回答3:


<Directory /www/docs/public>
AuthType None
Require all granted
Satisfy Any
</Directory>

This will work




回答4:


Just wanted to add this bit of info:

On Apache 2.2.22 you need to have the order correct for it to work:

This did not work for me for location "/foo/sub":

Satisfy Any
Allow from all

I.e the authentication from the location "/foo" defined prior to "/foo/sub" still was applied.

This does work for location "/foo/sub":

Allow from all
Satisfy Any

I.e. the authentication from the location "/foo" defined prior to "/foo/sub" was annulled.




回答5:


I think you are right: it is not supported in apache 2.2.

I would try the ugly workaround at https://issues.apache.org/bugzilla/show_bug.cgi?id=10932

Something like:

<DirectoryMatch "^/www/docs/(?!public)"> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>

or

<DirectoryMatch "^/www/docs/[^p][^u][^b][^l][^i][^c]"> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>



回答6:


This worked for me on apache2.2:

    <Location /trac>
       #....
       AuthType Basic
       AuthName "BLA domain"
       AuthUserFile /etc/.passwd
       Require valid-user
       Allow from all
       Satisfy Any
    </Location>


来源:https://stackoverflow.com/questions/2641646/how-to-accomplish-authtype-none-in-apache-2-2

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!