Menu
I have an apache server where authentication is required, but there are some calls that need to be allowed for all.
On off these calls is based on a query string for example:
/foo/api.php?Token=123&Task=DoStuff&Result=json
I taught that with a LocationMatch that this would have workd so i worked out this configuration:
<LocationMatch ^/foo/api.php\?.*(Task=DoStuff).*>
Order Allow,Deny
Allow from All
</LocationMatch>
But this doesn't let me pass the authentication (meaning i get a 401).
If I just filter ^/foo/api.php I get passed the authentication, but this isn't strict enough.
Anyone has any idea how to configure this to check the Task parameter in the querystring?
For authentication we are using kerberos, this is forced on the whole site This is our conf for kerb
LoadModule auth_kerb_module modules/mod_auth_kerb.so
<Directory /var/www/html>
Options FollowSymLinks
AllowOverride All
AuthType Kerberos
Require valid-user
AuthName "Kerberos Login"
KrbMethodNegotiate on
KrbMethodK5Passwd on
KrbAuthRealms FOO.LOCAL
KrbServiceName HTTP/[email protected]
Krb5KeyTab /etc/httpd/conf/http.keytab
Satisfy Any
Order deny,allow
Deny from all
Allow from 192.168.72.90
Allow from 192.168.72.91
Allow from 192.168.72.94
Allow from 192.168.72.95
Allow from 127.0.0.1
</Directory>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With