The new regex matching stuff rocks... except it's missing one thing


#1

The auth stuff doesn’t support it.

Any ideas on how to support dynamically populating the
auth_basic_user_file? Is this a quick and dirty thing? That’d be
awesome if it was.

           location ~* ^/foo/private/(.*) {
                   alias /home/foo/web/private/$1/;
                   auth_basic "Restricted files";
                   auth_basic_user_file 

/home/foo/web/private/$1/.htpasswd;
}

2009/03/11 16:16:39 [crit] 14097#0: *11 open()
“/home/foo/web/private/$1/.htpasswd” failed (2: No such file or
directory), client: 1.2.3.4, server: foo.com, request: “GET
/foo/private/demo-video/ HTTP/1.1”, host: “foo.com


#2

mike wrote:

           }

2009/03/11 16:16:39 [crit] 14097#0: *11 open()
“/home/foo/web/private/$1/.htpasswd” failed (2: No such file or
directory), client: 1.2.3.4, server: foo.com, request: “GET
/foo/private/demo-video/ HTTP/1.1”, host: “foo.com

I would have thought a new param, to list the users who were permitted
to authenticate would be more flexible. That way, you have one password
file, and only one password to change for a user who has access to
multiple areas.

permit_user ; and deny_user ; perhaps.

And why risk having your password file in your web tree?

Regards

Ian


#3

i have a deny on .htpasswd already, so it won’t allow that either way.