<br><div class="gmail_quote">2009/6/9 Francesc Romā i Frigolé <span dir="ltr"><<a href="mailto:francesc.roma%2Bcatalyst@gmail.com" target="_blank">francesc.roma+catalyst@gmail.com</a>></span><br><div> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I'm trying the new feature $c->req->remote_user introduced in 5.80005. I'd like to know if it is possible to tell apache, in a .htaccess file, to not ask authentication for a certain set of URIs (for example matching /public/)<br>
<br>I'm on a shared account in <a href="http://asmallorange.com" target="_blank">asmallorange.com</a> ( apache 1.3.41). I'm using fastcgi.<br></blockquote><div><br></div></div><br>I found a workaround for this scenario. Instead of setting up fastcgi in .haccess at the root of the application, I make two different directories for public and private, with different authentication rules. My directory structure is like this<br>
<br><span style="font-family: courier new,monospace;">public_html/myapp/static </span><span style="font-family: courier new,monospace;"> (soft link to MyApp/static)</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">public_html/myapp/public</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">public_html/myapp/public/</span><span style="font-family: courier new,monospace;">script (soft link to MyApp/script)</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">public_html/myapp/private</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">public_html/myapp/private/</span><span style="font-family: courier new,monospace;">script (soft link to MyApp/script)</span><br style="font-family: courier new,monospace;">
<br><br>The .htaccess in the public directory is like this<br><br><div style="margin-left: 40px;"><span style="font-family: courier new,monospace;">AddHandler fastcgi-script .pl</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">RewriteEngine On</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">RewriteCond %{REQUEST_FILENAME} !-f</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">RewriteRule ^(.*)$ script/myapp_fastcgi.pl/public/$1 [QSA,L]</span><br style="font-family: courier new,monospace;"></div><br>Similarly in the private directory:<br><br>
<div style="margin-left: 40px;"><span style="font-family: courier new,monospace;">AddHandler fastcgi-script .pl</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">RewriteEngine On</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">RewriteCond %{REQUEST_FILENAME} !-f</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">RewriteRule ^(.*)$ script/myapp_fastcgi.pl/private/$1 [QSA,L]</span><br><br><span style="font-family: courier new,monospace;">Auth stuf [...]</span><br style="font-family: courier new,monospace;">
</div>
<br><br>Also, in the static directory I could leave some things public ( css, javascript, icons...) but make other private ( uploads, reports, ...) by placing a .htaccess file requiring authentication in each corresponding directory. <br>
<br>
It's not a very flexible or elegant approach, but it seems to work.<br><br>Regards,<br>Francesc<br><br><br><br><br>