htaccess question --

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • schilli
    Confirmed User
    • Jun 2002
    • 265
    #1

    htaccess question --

    More htaccess questions.

    Here's the htaccess I'm using to protect my members area:
    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data/.htpasswd
    AuthName MEMBERS
    AuthType Basic

    <Limit GET POST>
    require valid-user
    </Limit>

    I want to be able to offer a "tiered" membership option allowing access to more withing my membership area for more money. So I need to protect directories separately. With the file listed above does anyone know if I can add some lines in??? I'd try it on my server but I don't want to mess with my present customers and accidently block them out. I'd basically be adding separate data locations for the password files to different directories. So does anyong know if I can do this --

    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data/.htpasswd
    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/vdata/.htpasswd
    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data1/.htpasswd
    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data2/.htpasswd
    AuthUserFile /usr/local/apache/www/chriss/chezchris.ca/data#/.htpasswd
    AuthName MEMBERS
    AuthType Basic

    <Limit GET POST>
    require valid-user
    </Limit>


    Tags: None
    • schilli
      Confirmed User
      • Jun 2002
      • 265
      #2

        Comment

        • some_idiot
          Confirmed User
          • May 2002
          • 1511
          #3
          Well you seem to be hurting here... so I ran through the
          mod_auth source code. (I assume you are using Apache)

          Nope, mod_auth only supports 1 password file per directory
          declaration.

          It is trivial to extent this, but if you think about what you're
          doing this isn't the way you want to it. By doing it at root, you've
          given even the most basic user access all the way down the tree.
          Rewriting the entire authentication method to work backwards,
          would NOT be trivial.


          You might want to look at grouping and using that to restrict
          further down the tree.
          Last edited by some_idiot; 04-13-2003, 09:12 PM.

          This AVS pays my mortgage!

            Comment

            • Warden
              Confirmed User
              • Nov 2002
              • 2906
              #4
              I know there are scripts/API's that will use a DB for auth instead of the user/password files that htaccess normally queries. Below is a link to a great resource board. Good luck

              http://forums.devshed.com/
              AIM: ZeeRiddler
              ICQ: 128160005
              Warden's MS

                Comment

                Previous template Next
                Working...