Apache-2.2

Apache 位置指令異常

  • March 1, 2018

我正在嘗試對除正則表達式之外的所有 URL 的使用者進行身份驗證:

https://www.example.com/****anything****應該請求認證 https://www.example.com/exams/****anything****不應該請求認證

這是我今天的配置,但它不起作用:

<LocationMatch "^/exams">
   Order allow,deny
   Allow from all
</LocationMatch>

<Location "/">
   Order allow,deny
   Allow from all

   AuthType Basic
   AuthName "PLEASE,AUTHENTICATE"
   AuthBasicProvider ldap-employees
   Require valid-user
</Location>

它要求對每個 URL 進行身份驗證

我認為如果你有mod_authz_host和 ,你可以做到這一點mod_rewrite。如果 URL 與 /exams 匹配,則基本上設置一個環境變數並查找它,如果它設置為允許訪問。請參見下面的範例。在此範例中,您將沒有附加<Location>標籤。

SetEnvIf Request_URI "^/exams.*" accessgranted=1

<Location "/">
   Order deny,allow
   Satisfy any
   Deny from all
   Allow from env=accessgranted
   AuthType Basic
   AuthName "PLEASE,AUTHENTICATE"
   AuthBasicProvider ldap-employees
   Require valid-user
</Location>

<http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow>

引用自:https://serverfault.com/questions/707475