You are here: / home / 2008 / 01 / 10

Thu, 10 Jan 2008

About Apache, Basic Authentication, Location and regular expressions

The other day, I had an interesting problem, regarding Apache, the LocationMatch directive and regular expressions. I'll put it here, so I'll be able to find it again...

Actually it was a quite simple problem: A simple web page, where all web pages are protected with a password. No big Problem: Use a <location /> and AuthType basic, problem solved.... or isn't it?

Some documents might be needed to be available without the authentication... for example robots.txt... or the funky custom error document, which explains how to get the authentication data, in case the authentication fails.

Looking at the documentation, found a solution: LocationMatch exists, where you specify a regular expression, which must match, for the following configuration to apply.

What isn't mentioned in the documentation, that the obvious solution... something like <LocationMatch !"^/(robots.txt|my401handler.html"> doesn't work. See apache bug 10932. Needed quite some time, to find this out...

Luckily Meike found the bug report above, which has a workaround for that problem: Use <LocationMatch "^/(?!robots.txt|my401handler.html)">



Oh... and if your customized error handler references some pictures or
style sheets, don't forget to add them to the regular expression above,
too.


                
                
		  postet at 22:43 into [Debian]
		   permanent link



	
            
                About
                
                    
		        Alexander Tolimar Reichle-Schmehl lives in Tuttlingen / Germany.  He works as IT manager (specialized on Unix and SAN/Storage) for an international automotive supplier.
                    
                
            

            
                Navigation
                
		    

  / (436)

    Debian/ (191)


      events/ (25)


        ApacheCon-2005/ (2)

        DAM-II/ (6)

        DebConf-5/ (33)

        DebConf-6/ (13)

        DebConf-7/ (2)

        DebConf10/ (1)

        DebConf11/ (4)

        DebConf9/ (1)

        Erkelenz-2006/ (1)

        LinuxTag-2005/ (7)

        LinuxTag-2007/ (1)

        admc-2005/ (10)

        cebit-2005/ (35)

        cebit-2006/ (5)

        cebit-2007/ (1)

        cebit-2010/ (8)

        cebit-2011/ (3)

        mini-debconf-berlin-2010/ (1)


      memes/ (2)

      other/ (5)

      rc-stats/ (2)


        6.0-squeeze/ (39)

        7.0-wheezy/ (21)



    other/ (7)

    private/ (7)

    university/ (5)



                
            

            
                Links
                
                    
		        My...

                        - homepage


                        - GPG public key

                    
                
            

            
                external Links
                
                    
                        alphascorpii's homepage

                        alphascorpii's blog

                        Debian

                        Debian related blogs

			some Debian related news



    
        
            Copyright © 2006 - 2012 Alexander Reichle-Schmehl.
            Webdesign by Jonas John.