[Catalyst] SOLVED Re: 5.80005: $c->req->remote_user and apache: excluding actions from authentication

Tomas Doran bobtfish at bobtfish.net
Wed Jun 10 09:20:54 GMT 2009


On 10 Jun 2009, at 10:04, Francesc Romà i Frigolé wrote:
>
> Also, in the static directory I could leave some things public  
> ( css, javascript, icons...) but make other private ( uploads,  
> reports, ...) by placing a .htaccess file requiring authentication  
> in each corresponding directory.
>

Why not just totally exclude public things from going into Catalyst  
at all?

You're meant to (and all the deployment guides recommend) just  
excluding normal public static files from Catalyst seeing at all.

BTW, auth doesn't have to be configured in .htaccess, in fact, I'd  
only do that if you have to, as re-reading htaccess files can end up  
fairly expensive.

Cheers
t0m




More information about the Catalyst mailing list