2

I'm sure this is simple, but Google is not my friend this morning.

The goal is:

/public... is openly accessible

everything else (including /) requires basic auth.

This is a WSGI app, with a single WSGI script (it's a django site, if that matters..)

I have this:

<Location /public> Order deny,allow Allow from all </Location> <Directory /> AuthType Basic AuthName "My Test Server" AuthUserFile /path/to/.htpasswd Require valid-user </Directory>

With this configuration, basic auth works fine, but the Location directive is totally ignored. I'm not surprised, as according to this (see How the Sections are Merged), the Directory directive is processed first.

I'm sure I'm missing something, but since Directory applies to a filesystem location, and I really only have the one Directory at /, and it's a Location that I wish to allow access to, but Directory always overrides Location...

EDIT

I'm using Apache 2.2, which doesn't support AuthType None.

Improve this question

2 Answers 2

Reset to default
2

For Apache 2.2 (and probably others in the 2 series older than 2.3):

<Location /public> Satisfy any Allow from all </Location> <Location /> AuthType Basic AuthName "My Test Server" AuthUserFile /path/to/.htpasswd Require valid-user </Location>
Improve this answer
1
  • This doesn't work - I still get the auth box on the location I am trying to remove it from. I hate Apache so much... Commented Sep 18, 2012 at 16:37
2

For Apache 2.0, set AuthType None within your <Location /public> stanza:

<Location /public> AuthType None Order deny,allow Allow from all </Location>

http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#AuthType

Improve this answer
1
  • 1
    Sadly, I'm using Apache 2.2, which doesn't support AuthType None. Commented Feb 25, 2011 at 22:21

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.