Server Fault Asked on November 22, 2021
I have different folders which i want to prevent access .
But i don’t want to separate for different folders.
For i have htaccess and htpasswd applies to
/admin1
/admin2
/admin3
I want that if user enter username password fro admin1 folder then he will be able to access admin2 and admin3 without entering isername and password again
But if someone only access admin2 then he has type enter username and password
SOmething like single sign on
I am accessing those via web interface http://abc.com/admin
Try this:
#####
SetEnvIf Request_URI ^/admin1 auth=1
SetEnvIf Request_URI ^/admin2 auth=1
SetEnvIf Request_URI ^/admin3 auth=1
AuthName "Please login"
AuthType Basic
AuthUserFile /path_to_file_which_contains_user_login_pwd/.htpasswd
## first, allow everybody
Order Allow,Deny
Satisfy any
Allow from all
Require valid-user
# then, deny only if required
Deny from env=auth
#####
Answered by Nikolay Bronskiy on November 22, 2021
Yes, there are two options.
Option 1)
Have similar, or the same .htaccess files in every directory you wish to protect, which reference a single .htpassword file:
AuthUserFile /etc/httpd/.htpasswd
AuthName "Some Secret FIles"
AuthType Basic
require valid-user
Option 2) Symlink a single .htaccess file into every directory (This means if you change anything in your master .htaccess file all the symlinks will be updated
Answered by Smudge on November 22, 2021
Instead of putting the same file in all the different folders, you could restrict access to a common parent folder instead. E. g. like this:
/parent <-- this folder is protected by .htaccess
/parent/admin1
/parent/admin2
/parent/admin3
This way you would only have to maintain a single .htaccess
file.
A different would be linking the same .htaccess
file into all three folders using symlinks (if you are on a *nix based OS / on Windows you might use junctions when on NTFS). But I am not sure if Apache allows symlinks as .htaccess
files
Answered by Axel Knauf on November 22, 2021
Short Answer is Yes you can use same .htaccess file.
This is how HTTP Authentication works. You can just copy same .htaccess to all three folders and the user will be able to browse all three folders with out being asked for password again. The authentication basically depend on the password file, as far as the password file is same the rest doesn't matter. It will work everywhere on your domain. So you can use the same .htaccess file.
Answered by Hameedullah Khan on November 22, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP