Forum: NGINX The new regex matching stuff rocks... except it's missing one thing

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
F5a6ed477b109fe6acc11a5a8f87e7e8?d=identicon&s=25 mike (Guest)
on 2009-03-11 22:32
(Received via mailing list)
The auth stuff doesn't support it.

Any ideas on how to support dynamically populating the
auth_basic_user_file? Is this a quick and dirty thing? That'd be
awesome if it was.

               location ~* ^/foo/private/(.*) {
                       alias /home/foo/web/private/$1/;
                       auth_basic "Restricted files";
                       auth_basic_user_file
/home/foo/web/private/$1/.htpasswd;
               }


2009/03/11 16:16:39 [crit] 14097#0: *11 open()
"/home/foo/web/private/$1/.htpasswd" failed (2: No such file or
directory), client: 1.2.3.4, server: foo.com, request: "GET
/foo/private/demo-video/ HTTP/1.1", host: "foo.com"
F7ec36678a4102de7a6895d299a60819?d=identicon&s=25 Ian Hobson (Guest)
on 2009-03-11 23:46
(Received via mailing list)
mike wrote:
>                }
>
>
> 2009/03/11 16:16:39 [crit] 14097#0: *11 open()
> "/home/foo/web/private/$1/.htpasswd" failed (2: No such file or
> directory), client: 1.2.3.4, server: foo.com, request: "GET
> /foo/private/demo-video/ HTTP/1.1", host: "foo.com"
>
I would have thought a new param, to list the users who were permitted
to authenticate would be more flexible. That way, you have one password
file, and only one password to change for a user who has access to
multiple areas.

permit_user <list>;   and deny_user <list>;   perhaps.

And why risk having your password file in your web tree?

Regards

Ian
F5a6ed477b109fe6acc11a5a8f87e7e8?d=identicon&s=25 mike (Guest)
on 2009-03-11 23:54
(Received via mailing list)
i have a deny on .htpasswd already, so it won't allow that either way.
This topic is locked and can not be replied to.