http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#authtype talks about "AuthType None", and has an awesome example of exactly what I need to do - unfortunately, it appears to be new to 2.3/2.4. Is there any equivalent feature in 2.2?
The authentication type None disables authentication. When authentication is enabled, it is normally inherited by each subsequent configuration section, unless a different authentication type is specified. If no authentication is desired for a subsection of an authenticated section, the authentication type None may be used; in the following example, clients may access the /www/docs/public directory without authenticating:
<Directory /www/docs> AuthType Basic AuthName Documents AuthBasicProvider file AuthUserFile /usr/local/apache/passwd/passwords Require valid-user </Directory> <Directory /www/docs/public> AuthType None Require all granted </Directory>
Something like below works for me with apache 2.2. I took it from http://httpd.apache.org/docs/2.2/mod/core.html#require
<Directory /www/docs>
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
</Directory>
<Directory /www/docs/public>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
You just need to set Allow from all and Satisfy Any
This worked for me:
Alias /example "/opt/example.com"
<Directory "/opt/example.com">
Options None
AllowOverride None
Order allow,deny
Allow from all
Satisfy Any
</Directory>
<Directory /www/docs/public>
AuthType None
Require all granted
Satisfy Any
</Directory>
This will work
Just wanted to add this bit of info:
On Apache 2.2.22 you need to have the order correct for it to work:
This did not work for me for location "/foo/sub":
Satisfy Any
Allow from all
I.e the authentication from the location "/foo" defined prior to "/foo/sub" still was applied.
This does work for location "/foo/sub":
Allow from all
Satisfy Any
I.e. the authentication from the location "/foo" defined prior to "/foo/sub" was annulled.
I think you are right: it is not supported in apache 2.2.
I would try the ugly workaround at https://issues.apache.org/bugzilla/show_bug.cgi?id=10932
Something like:
<DirectoryMatch "^/www/docs/(?!public)">
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
</Directory>
or
<DirectoryMatch "^/www/docs/[^p][^u][^b][^l][^i][^c]">
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
</Directory>
This worked for me on apache2.2:
<Location /trac>
#....
AuthType Basic
AuthName "BLA domain"
AuthUserFile /etc/.passwd
Require valid-user
Allow from all
Satisfy Any
</Location>
来源:https://stackoverflow.com/questions/2641646/how-to-accomplish-authtype-none-in-apache-2-2