Apache authentification - letting users from X IP address in WITHOUT required password, others must type password

Question

Hi, now my apache configuration looks like this:

<Directory /usr/share/myweb/>
  AuthType Basic
  AuthName "myweb"
  AuthUserFile /etc/apache2/.passwords
  Require user mw
</Directory>

It allows everyone to web, but require password.

I would like to let some users (from local IP) to be allowed to see the website without a need of authentification. For others it should stay like it is - require password. How can I do that? I supposed I could just do it with Allow from xxx.xx., but it still requires the password.

Thanks for help.

Answer 1

I've wondered about this before so I had a look round.

http://www.electrictoolbox.com/apache-password-protect-allow-ip/

it suggests you need to add to your config. I suspect it may be the lack of satisfy any that is tripping the login request, but I haven't tried it.

satisfy any
deny from all
allow from 192.168.1.

So you get

<Directory /usr/share/myweb/>
  AuthType Basic
  AuthName "myweb"
  AuthUserFile /etc/apache2/.passwords
  Require user mw
  satisfy any
  deny from all
  allow from 192.168.1.
</Directory>

Answer 2

Thanks for answer...this made it:

<Directory /path/to/myweb/>
   Order allow,deny
   AuthType Basic
   AuthName "myweb"
   AuthUserFile /etc/apache2/.passwd
   Order allow,deny
   Require user myweb
   Allow from your.ip.add
   Satisfy Any
</Directory>myweb.com