Combine mod_rewrite basic authentication

Fix it!!

Combine mod_rewrite basic authentication

Postby pythonman » Thu May 07, 2009 3:51 pm

Hi everyone,

Is it possible to call basic authentication depending on URI input with mod_rewrite?

For eg. if user visits http://example.com/membersarea
then require user to login using apache's basic auth

So code should look like
Code: Select all
ReqriteEngine On
RewriteCond %{REQUEST_URI} ^membersarea/?$
AuthName "Members Only"
AuthType Basic
require valid-user
...


But that doesn't work, it prompts login box wherever I go

the 'membersarea' folder doesn't exist and shouldn't.

I guess that's not possible?

Thanks in advance guys.
pythonman
 
Posts: 1
Joined: Thu May 07, 2009 3:42 pm

Postby richardk » Fri May 08, 2009 5:49 am

You can't mix it like that.

You can set a environmental variable and do authentication based on it existing or not.
Code: Select all
SetEnvIf Request_URI "^/membersarea/?$" do_auth=1

AuthName "Members Only"
AuthType Basic
AuthBasicProvider file
AuthUserFile /path/to/.htpasswd
Require valid-user

Order Allow,Deny
Allow from all
Deny from env=do_auth
Satisfy Any
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am


Return to Security with Mod_Rewrite

Who is online

Users browsing this forum: No registered users and 1 guest