logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Third-party Modules View previous topic :: View next topic
Reply to topic   Topic: [SOLVED] Authorization from 2.2. to 2.4
Author
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Fri 07 Mar '14 16:59    Post subject: [SOLVED] Authorization from 2.2. to 2.4 Reply with quote

I wonder how to get the same result on 2.4.xx Apache like i had on 2.2 :

Code:

<Location /restricted>
Order deny,allow
Deny from all
Allow from 192.168.0.1/24

AuthType digest
AuthBasicAuthoritative Off
AuthName "restricted"
AuthDigestProvider file
AuthUserFile "/passwd/digest"
AuthDigestAlgorithm MD5
Require valid-user
</Location>


On 2.2 it allows only users from local network connect to www.mydomain.com/restricted and additionally each user had to provide proper login and password. Those directives works on 2.4 as well, but i would like to use 2.4. directives only to get the same result.

I tried this :
Code:

<Location /restricted>
Require all denied
Require ip 192.168.1.0/24

AuthType digest
AuthBasicAuthoritative Off
AuthName "restricted
AuthDigestProvider file
AuthUserFile "/passwd/digest"
AuthDigestAlgorithm MD5
Require valid-user
<Location /restricted>


Unfortunately it allows to connect from every IP. How to restrict it to local lan only ?


Last edited by Qmpeltaty on Thu 27 Mar '14 12:21; edited 1 time in total
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Fri 07 Mar '14 17:15    Post subject: Reply with quote

You need only the second line.

Comment out / delete the Require all denied.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Mon 10 Mar '14 15:04    Post subject: Reply with quote

Unfortunately it doesn't work like expected. Everyone who provide the login and password has access, even outside local network.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Mon 10 Mar '14 15:05    Post subject: Reply with quote

I thought the order (top-bottom) could have impact so even i had switched the IP require to the bottom of the Location block - still no changes.

BTW : Remove post option could be enabled on forum Wink
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 10 Mar '14 15:48    Post subject: Reply with quote

Well what works is the <RequireAll>, but that is only available in directory ...

Code:

<Directory "/Users/mario/secure_testing">
   Options Indexes FollowSymLinks
   AllowOverride None
   <RequireAll>
   Require ip 127.0.0.1 ::1
   AuthType digest
   AuthBasicAuthoritative Off
   AuthName "restricted
   AuthDigestProvider file
   AuthUserFile "/Users/mario/secure_testing/digest"
   AuthDigestAlgorithm MD5
   Require valid-user
   </RequireAll>
</Directory>
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Tue 11 Mar '14 14:15    Post subject: Reply with quote

James Blond wrote:
Well what works is the <RequireAll>, but that is only available in directory ...



Shame, as i need it for Location.
Back to top
mastermnd



Joined: 22 Mar 2014
Posts: 3

PostPosted: Sat 22 Mar '14 18:08    Post subject: Reply with quote

That last statement is not true:

Docs here say the context for RequireAll is "Directory",
but if you see what that means here then you'll see it has to work for location too.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Mon 24 Mar '14 15:02    Post subject: Reply with quote

mastermnd wrote:
That last statement is not true:

Docs here say the context for RequireAll is "Directory",
but if you see what that means here then you'll see it has to work for location too.


Seems that you could be right :

directory
A directive marked as being valid in this context may be used inside <Directory>, <Location>, <Files>, <If>, and <Proxy> containers in the server configuration files, subject to the restrictions outlined in Configuration Sections.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Thu 27 Mar '14 12:22    Post subject: Reply with quote

It works now within /Location block :

Code:
<Location /restricted>
 <RequireAll>
   Require ip 192.168.1.0/24
   AuthType digest
   AuthBasicAuthoritative Off
   AuthName "restricted"
   AuthDigestProvider file
   AuthUserFile "c:/Apache24/passwd/digest"
   AuthDigestAlgorithm MD5
   Require valid-user
  </RequireAll>
</Location>
Back to top


Reply to topic   Topic: [SOLVED] Authorization from 2.2. to 2.4 View previous topic :: View next topic
Post new topic   Forum Index -> Third-party Modules