I want to password protect all urls on my beta site at the moment. Except one url because it is called by flash and flash can't handle basic auth properly it seems. So i want to disable basic auth for that one url. This is my config in apache. Apache is a proxy for tomcat but that should not matter right ?
<IfModule mod_proxy_ajp.c>
ProxyRequests On
ProxyVia On
<Location /uploader>
Order allow,deny
Allow from all
ProxyPass ajp://localhost:8050/uploader
ProxyPassReverse ajp://localhost:8050/uploader
</Location>
<Location />
Order allow,deny
Allow from all
AuthType Basic
AuthName "Restricted area"
AuthUserFile /etc/apache2/passwd/site-access
Require valid-user
ProxyPass ajp://localhost:8050/
ProxyPassReverse ajp://localhost:8050/
</Location>
</IfModule>
SO my thinking is that if http://www.example.com/uploader is called then the first location config is should be matched and no auth is required.
This does not seem to work i always get asked for auth. Any ideas ?
regards Peter Delahunty
Add Satisfy Any to the uploader location:
<Location /uploader>
Order allow,deny
Satisfy Any
Allow from all
ProxyPass ajp://localhost:8050/uploader
ProxyPassReverse ajp://localhost:8050/uploader
</Location>
This is documented in the Apache docs, but under the description of the Require directive.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With