[Catalyst] SOLVED Re: 5.80005: $c->req->remote_user and apache: excluding actions from authentication

Francesc Romà i Frigolé francesc.roma+catalyst at gmail.com
Wed Jun 10 10:30:02 GMT 2009

On Wed, Jun 10, 2009 at 11:20 AM, Tomas Doran <bobtfish at bobtfish.net> wrote:

> On 10 Jun 2009, at 10:04, Francesc Rom=E0 i Frigol=E9 wrote:
>> Also, in the static directory I could leave some things public ( css,
>> javascript, icons...) but make other private ( uploads, reports, ...) by
>> placing a .htaccess file requiring authentication in each corresponding
>> directory.
> Why not just totally exclude public things from going into Catalyst at al=

Yes, that is what I'm doing, I should have said it more explicitly. I don't
make the application root directory ( /public_html/myapp) go through
Catalyst. Only the subdirectories that have an explicit .htaccess do. So
everything is "static" unless stated otherwise. There is no .htaccess in

> BTW, auth doesn't have to be configured in .htaccess, in fact, I'd only do
> that if you have to, as re-reading htaccess files can end up fairly
> expensive.

I'm on a shared hosting. I'm trying to find out if I can get a reasonable
performance serving non public static files. With the setup I described
there is at most one .htaccess file that needs to be read for each request:
either it redirects dynamic stuff to catalyst ( different .htaccess for
public or private ) or serves a public static file (no .htaccess to be read)
or serves static private files (no catalyst, static/private/.htaccess)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20090610/b54c9=

More information about the Catalyst mailing list