How to accomplish "AuthType None" in Apache 2.2

Y

6

43

http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#authtype talks about "AuthType None", and has an awesome example of exactly what I need to do - unfortunately, it appears to be new to 2.3/2.4. Is there any equivalent feature in 2.2?

The authentication type None disables authentication. When authentication is enabled, it is normally inherited by each subsequent configuration section, unless a different authentication type is specified. If no authentication is desired for a subsection of an authenticated section, the authentication type None may be used; in the following example, clients may access the /www/docs/public directory without authenticating:
<Directory /www/docs> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>

<Directory /www/docs/public>
AuthType None
Require all granted
</Directory>

Yovonnda answered 14/4, 2010 at 23:2 Comment(0)

M

103

Something like below works for me with apache 2.2. I took it from http://httpd.apache.org/docs/2.2/mod/core.html#require

<Directory /www/docs>
    AuthType Basic
    AuthName Documents
    AuthBasicProvider file
    AuthUserFile /usr/local/apache/passwd/passwords
    Require valid-user 
</Directory>
<Directory /www/docs/public>
    # All access controls and authentication are disabled
    # in this directory
    Satisfy Any
    Allow from all
</Directory>

Mutation answered 25/5, 2011 at 18:46 Comment(2)

@Yovonnda maybe you should consider accepting an answer already? This solution has worked fine for me so far. – Scrawly 10/11, 2011 at 14:26

If you want to allow certain files only, you can nest a Files directive under the parent Directory directive. It cannot be done with <Directory> though – Holdover 13/3, 2017 at 15:5

I

9

You just need to set Allow from all and Satisfy Any

This worked for me:

Alias /example "/opt/example.com"

<Directory "/opt/example.com">
  Options None
  AllowOverride None
  Order allow,deny
  Allow from all
  Satisfy Any
</Directory>

Integrator answered 7/8, 2012 at 21:24 Comment(0)

H

8

<Directory /www/docs/public>
AuthType None
Require all granted
Satisfy Any
</Directory>

This will work

Hypsometer answered 22/4, 2010 at 7:50 Comment(0)

W

2

Just wanted to add this bit of info:

On Apache 2.2.22 you need to have the order correct for it to work:

This did not work for me for location "/foo/sub":

Satisfy Any
Allow from all

I.e the authentication from the location "/foo" defined prior to "/foo/sub" still was applied.

This does work for location "/foo/sub":

Allow from all
Satisfy Any

I.e. the authentication from the location "/foo" defined prior to "/foo/sub" was annulled.

Whiting answered 21/6, 2017 at 6:40 Comment(0)

H

1

I think you are right: it is not supported in apache 2.2.

I would try the ugly workaround at https://issues.apache.org/bugzilla/show_bug.cgi?id=10932

Something like:

<DirectoryMatch "^/www/docs/(?!public)"> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>

or

<DirectoryMatch "^/www/docs/[^p][^u][^b][^l][^i][^c]"> 
AuthType Basic
AuthName Documents
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user 
</Directory>

Hearttoheart answered 24/8, 2010 at 19:4 Comment(0)

C

1

This worked for me on apache2.2:

    <Location /trac>
       #....
       AuthType Basic
       AuthName "BLA domain"
       AuthUserFile /etc/.passwd
       Require valid-user
       Allow from all
       Satisfy Any
    </Location>

Catchment answered 28/7, 2011 at 8:42 Comment(0)

Recommended topics

Hot tags