|
htaccess question.
hi,
Does anyone one know if there is a way to make one .htacess file check 2 htpasswd files? So that it checks one htpasswd for a user and pass and if it's not there it checks the second htpasswd file. I found a previous thread on this, but there was no conclusive answer, someone mentioned it was possible but did not explain how to do it. ok thanks for reading. |
Not possible :( Sorry!
jDoG |
ok thanks for the answer.
It saved me hours of searching on google and forums. cheers. |
We get around it by running a cron script every minute that joins two or more password files into one. Achieves the same thing.
Cheers, Dave. |
or you could make your own custom auth module in C or mod_perl
|
heres a freebee mod_perl for what you want that should work with apache2 and mod_perl 1.99
MemberAuth.pm <code> package Apache::MemberAuth; use strict; use warnings; use Apache::Access (); use Apache::RequestUtil (); use Apache::RequestRec (); use Apache::Connection (); use APR::SockAddr; use ModPerl::Util (); use Apache::RequestIO (); use Apache::Server (); use Apache::ServerUtil (); use APR::Table (); use Apache::Const -compile => qw(OK DECLINED HTTP_UNAUTHORIZED HTTP_NOT_FOUND); sub handler { my $r = shift; my $pw_file = $r->dir_config("AuthUserFile1"); my $username = $r->user(); my $user = Apache->request->user(); my ($status, $password) = $r->get_basic_auth_pw; my $file_db_enc_pass = get_file_pass($user, $pw_file); if($file_db_enc_pass) { my $seed = substr($file_db_enc_pass, 0, 2); my $crypt_pass = crypt($password, $seed); my $status = 0; if($file_db_enc_pass eq $crypt_pass) { return Apache::OK; } else { $pw_file = $r->dir_config("AuthUserFile2"); $file_db_enc_pass = get_file_pass($user, $pw_file); if($file_db_enc_pass) { my $seed = substr($file_db_enc_pass, 0, 2); my $crypt_pass = crypt($password, $seed); my $status = 0; if($file_db_enc_pass eq $crypt_pass) { return Apache::OK; } else { $r->note_basic_auth_failure; return Apache::HTTP_UNAUTHORIZED; } } } } $r->note_basic_auth_failure; return Apache::HTTP_UNAUTHORIZED; } sub get_file_pass($$) { my($user, $pw_file) = @_; $user = Apache->request->user(); if(!$user) { $user = ''; } open(FILE, "<$pw_file") || die $!; while(<FILE>) { chomp(); my($u, $p) = split(/:/, $_, 2); if($u eq $user) { close FILE; return $p; } } return undef; } 1; </code> in httpd.conf do PerlOptions +GlobalRequest +SetupEnv +Authen +Access +Authz PerlAuthenHandler Apache::MemberAuth PerlSetVar AuthUserFile1 /passwords/.htpasswd PerlSetVar AuthUserFile2 /passwords/.htpasswd2 AuthName "protected" AuthType Basic Require valid-user |
By default, you cannot make .htaccess do this. However, I saw a while back that Pay Site Power Tools was offering a "Multi Mod Auth" which is exactly what your lookng for.
http://www.paysitepowertools.com/ http://www.paysitepowertools.com/os-mma.html |
Thanks to everyone who replied, thats awesome.
cheers. |
| All times are GMT -7. The time now is 01:50 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123