Date: Tue, 7 Mar 2006 01:49:33 -0600 From: Scott Sipe <cscotts@mindspring.com> To: Glenn Dawson <glenn@antimatter.net> Cc: questions@freebsd.org Subject: Re: Apache auth question Message-ID: <FE6237A7-7A96-48D7-B956-C06D6B7BF2FC@mindspring.com> In-Reply-To: <7.0.1.0.2.20060306044151.08607410@antimatter.net> References: <013B73DF-99AA-4B20-BFB7-0A1130EBE780@mindspring.com> <7.0.1.0.2.20060306044151.08607410@antimatter.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 6, 2006, at 6:52 AM, Glenn Dawson wrote: > At 03:56 AM 3/6/2006, Scott Sipe wrote: > >> I am dealing with a company LAN that lives behind an OpenBSD based >> firewall+NAT machine. All internal machines have 10.x.x.x addresses. >> >> One of the internal machines acts as an intranet webserver. Everyone >> in the building should be able to access it. >> >> I would ALSO like to expose it to the outside, and have outside >> requests authenticate. So everyone with a 10.x.x.x still has no >> limits, and external addresses after authenticating with a >> username/ password have full access. Is this possible to do with >> apache2 config >> files? > > Something like this should do what you want: > > <Directory /docroot> > AuthType basic > AuthName "foo" > AuthUserFile /path/to/htpasswds > Order Deny,Allow > Deny from all > Require valid-user > Allow from 10.0.0.0/16 > Satisfy any > </Directory> That got it perfectly, adding the "Satisfy any" line was what I had been missing.. thanks much! Scott
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FE6237A7-7A96-48D7-B956-C06D6B7BF2FC>