tags:

views:

21

answers:

1
+1  Q: 

Is it possible to set Apache Basic Authentication to lock a directory, except for one file?

I'm working on an upcoming project, but the team needs to access it online. I've setup (for now) Basic Authentication using:

    <Directory /var/www/html>
            AuthType Basic
            AuthName "Staging"
            AuthUserFile /etc/passwd
            Require valid-user
    </Directory>

But, I need one file to be publically accessible (a 3rd party service needs to ping it, but can't handle Basic Authentication. Is it possible to "turn off" authentication for a specific file ("specific-file.php")?

I was looking into:

    <Files "/var/www/html/specific-file.php">
            ### SOMETHING
    </Files>

but it is not clear to me how to disable the protection.

Thanks!

A: 

what happens when you use following?

<Files "/var/www/html/specific-file.php">
        Order Deny, Allow
        Allow from all
        AuthType none
        Satisfy Any 
</Files>

or a try a combination of above.

 2010-07-01 20:22:56
No joy. Seems not to work. I also tried to use Location with the same directives, but that actually seemed toc completely disable security.
Michael T. Smith  2010-07-01 20:31:32
hmm... did you try putting `Satisfy Any` before `Allow from all` as well? Try using `AuthType none` as well!
 2010-07-01 20:35:22
Still no joy. Just completely turns off Authorization at all.
Michael T. Smith  2010-07-01 21:39:24

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication