Using Location with AuthType

Forum Moderators: phranque

Message Too Old, No Replies

Using Location with AuthType

deepakd

5:17 pm on Nov 14, 2008 (gmt 0)

Guys,
I have a simple problem to solve:

I want to use <Location> directive to protect URLs using simple basic file based user dir stored in webserver machine. The trick is : I want two urls to be secured by two different user dir. Here is the httpd.conf snippet:

<Location /plaza/register.wfl?execution=e2s1>
AuthType Basic
AuthUserFile /opt/IBM/IHS61-plaza-global/conf/user-store2
AuthName "Secured Area 1"
require valid-user
</Location>

<Location /plaza>
AuthType Basic
AuthUserFile /opt/IBM/IHS61-plaza-global/conf/user-store1
AuthName "Secured Area 2"
require valid-user
</Location>

This is not working. Wehn I hit the url /plaza, I am asked for uid/pass which is correct. But wen I am inside the portal, when I hit the url /plaza/register.wfl... , I am not asked for the uid/password stored in the user-store2.

Please help!

Thanks
DD

jdMorgan

8:48 pm on Nov 14, 2008 (gmt 0)

Be aware that <Location> uses prefix-matching, which means that the second <Location> container will match anything that the forst <Location> container matches. You may have better luck using regular-expressions pattern-matching in <LocationMatch>.

Also, be aware that neither <Location> nor <LocationMatch> can "see" your query string, as a query string is not considered to be part of a URL. Query strings do not locate resources, they are data appended to the URL to be passed to the resource located by that URL.

Jim