top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Apache: require and AuthMerging

+1 vote
459 views

we just wonder why when using the following configuration:

# allow using the "/" directory of this virtual host by all

 Require all granted

Alias /fslogs /opt/wcms/fs4/log

 IndexIgnore .. fs4.pid fs-wrapper.log fs-gc.log
 IndexOptions +FancyIndexing
 Options +Indexes

 AuthType Basic
 AuthName "Restricted access"
 AuthBasicProvider file
 AuthUserFile /tmp/passwd
 Require valid-user

the default handling of overwriting access directives in sub contexts does not work properly (AuthMerging off). Might it be due to the two directives "Location" and "Directory"? We expected that for "/opt/wcms/fs4/log" just authenticated and valid users should have access. So, access should be limited. Instead we see that everybody can browse the directory.

posted Sep 24, 2013 by Naveena Garg

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

Location has higher precedence than Directory. It's merged after, not before.

answer Sep 24, 2013 by Seema Siddique
Similar Questions
+1 vote

I use apache 2.4 on centos.

I want to protect the access to a page (/my_folder/secure) with a cookie (in my exemple the cookie name is : my_cookie_name)

I would like that some machine with IP 192.1.1.10 and 192.1.1.11 can access the server without the cookie. This two IP address don't need to have the cookie for access to /my_folder/secure)

And all other IP address are redirect to address https://my_register_site.com if they don't have the cookie.

How to write this ? Some example, and of course it does not work.

Session On 
RewriteEngine on 
RewriteCond %{HTTP_COOKIE} !my_cookie_name 
RewriteCond %{REMOTE_ADDR} !^192.1.1.10$ 
RewriteCond %{REMOTE_ADDR} !^192.1.1.11$ 
RewriteRule ^(.*)$ https://my_register_site.com [NC,L,R=301] 
0 votes

I want to allow a directory " /var/www/html/ldap" to two users according to IPs (192.168.1.2 192.168.1.7):

 Order allow,deny
 Allow from 192.168.1.2 192.168.1.7
 Satisfy any
 AuthName "LDAP Authentication"
 AuthType Basic

 AuthBasicProvider ldap
 AuthzLDAPauthoritative off
 AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
 Require valid-user

but I don't want to allow a sub directory to 192.168.1.7 (I want it to be allowed only to 192.168.1.2):

I have tried to add:

 Order allow,deny
 Allow from 192.168.1.2
 Satisfy any
 AuthName "LDAP Authentication"
 AuthType Basic

 AuthBasicProvider ldap
 AuthzLDAPauthoritative off
 AuthLDAPURL ldap://192.168.1.3/dc=example,dc=com?uid?sub?(objectClass=*)
 Require valid-user

but it seems that 192.168.1.7 can reach to manager directory because it is a part of ldap directory, how can I forbid this?

+1 vote

I'm working on doing some upgrade testing to mitigate the Heartbleed issue and some other vulnerabilities. Part of that is updating OpenSSL, but I'm a bit confused about something and am hoping that someone can help me. I've done at least a dozen internet searches and can't find the answer. It's probably simple, but I'd like to find out anyway.

What do I need to do in order to update the version of OpenSSL that is included in the Apache HTTP server release? I've installed OpenSSL 1.0.1g on the server, but the older version is still in the apache /bin directory. Do I simply replace the openssl executable or is there some kind of change that needs to be made in the httpd.conf file to point to the newer installation?

+1 vote

I want to create Cluster and want to add services through Apache Ambari Restful APIs. I am unable to call POST,PUT and DELETE Web Services successfully.

I am using Resful APIs client to work and trying to use below URL with POST request but not working.

POST REQUEST

http://AmbariServerIP:8080/api/v1/clusters/c1 
...