<br><div class="gmail_quote">On Tue, Jun 9, 2009 at 7:53 PM, Tomas Doran <span dir="ltr"><<a href="mailto:bobtfish@bobtfish.net">bobtfish@bobtfish.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">Francesc Romŕ i Frigolé wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
This is more of an apache question than a Catalyst one, but I'd appreciate some help.<br>
<br>
I'm trying the new feature $c->req->remote_user introduced in 5.80005. I'd like to know if it is possible to tell apache, in a .htaccess file, to not ask authentication for a certain set of URIs (for example matching /public/)<br>
</blockquote>
<br></div>
Yes, it is.<br>
<br>
<Location /public><br>
Satisfy Any<br>
Allow from All<br>
</Location><br>
<br>
should do what you want.<br>
</blockquote><div><br><br>Thanks Tomas, but I get the error: .htaccess: <Location not allowed here<br><br>This is because <Location> is not an "htaccess directive". See <a href="http://httpd.apache.org/docs/1.3/mod/core.html#location">http://httpd.apache.org/docs/1.3/mod/core.html#location</a><br>
<br>I also tried with <FilesMatch> which it is allowed, but it doesn't seem to work (which makes sense because I'm not actually matching any file but a catalyst action )<br><br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Also, if you haven't seen it yet:<br>
<a href="http://search.cpan.org/%7Ebobtfish/Catalyst-Plugin-Authentication-0.10012/lib/Catalyst/Authentication/Credential/Remote.pm" target="_blank">http://search.cpan.org/~bobtfish/Catalyst-Plugin-Authentication-0.10012/lib/Catalyst/Authentication/Credential/Remote.pm</a><br>
</blockquote><div><br></div></div><br>It looks very interesting. From your explanation <br><br><pre> # in your Controller/Root.pm you can implement "auto-login" in this way<br> sub begin : Private {<br> my ( $self, $c ) = @_; <br>
unless ($c->user_exists) {<br> # authenticate() for this module does not need any user info<br> # as the username is taken from $c->req->remote_user and<br> # password is not needed <br>
unless ($c->authenticate( {} )) {<br> # return 403 forbidden or kick out the user in other way<br> };<br> } <br> }<br></pre><br>it seems that it should be possible to tell apache that authentication is optional, but I don't know how to do that. How can I make apache ask for a username/password but not return a 401 Authorization Required
error?<br><br>Thanks,<br>Francesc<br><br><br><br><br><br><br>