.htaccess file configuration

.htaccess file configuration

Post by Craig Vincen » Wed, 24 Nov 1999 04:00:00



(Linux RH 6.1/Mod_perl/Apache::AuthenDBI/Apache 1.3.9)

Is there a way to redirect users to different areas on a web server through
an .htaccess file based on the user's group.

Basically a user authenticates himself as  foo
The .htaccess file authenticates the username against a database table.
Using AuthezDBI as well it finds the group associated with this user (bar in
this case).

So based on the fact 'foo' is part of the 'bar' group the user is sent to
/usr/foo/bar/index.html
However if 'foo' was part of the 'bar2' group, the user would be sent to
/usr/foo/bar2/index.html

Any ideas/suggestions would be greatly appreciated.

--
Sincerely,

Craig Vincent
Senior Webmaster/Programmer
Web Dream Inc.

 
 
 

.htaccess file configuration

Post by Joshua Sliv » Wed, 24 Nov 1999 04:00:00


[Followups narrowed]


Quote:> (Linux RH 6.1/Mod_perl/Apache::AuthenDBI/Apache 1.3.9)
> Is there a way to redirect users to different areas on a web server through
> an .htaccess file based on the user's group.
> Basically a user authenticates himself as  foo
> The .htaccess file authenticates the username against a database table.
> Using AuthezDBI as well it finds the group associated with this user (bar in
> this case).
> So based on the fact 'foo' is part of the 'bar' group the user is sent to
> /usr/foo/bar/index.html
> However if 'foo' was part of the 'bar2' group, the user would be sent to
> /usr/foo/bar2/index.html

There are two relatively easy ways to do this that I can think of.

1. Have the users access a cgi script that checks the REMOTE_USER
env variable and redirects accordingly.

2. Use mod_rewrite to check the REMOTE_USER and redirect.

The second choice is the one I would use, since it will be faster
and allow some additional flexibility (eg. "transparent" internal
redirects, etc.)

--
Joshua Slive

http://finance.commerce.ubc.ca/~slive/

 
 
 

.htaccess file configuration

Post by Craig Vincen » Wed, 24 Nov 1999 04:00:00


Quote:> 1. Have the users access a cgi script that checks the REMOTE_USER
> env variable and redirects accordingly.

I thought about having a cgi script to redirect after the authentication but
I'd prefer not to as then it creates an additional process and it isn't
transparent to the user.

Quote:> 2. Use mod_rewrite to check the REMOTE_USER and redirect.

> The second choice is the one I would use, since it will be faster
> and allow some additional flexibility (eg. "transparent" internal
> redirects, etc.)

This is transparent...however I need the redirection based on the group the
user belongs to...not the username itself...is there an ENV variable that
checks for this?  I'm not aware of any myself :(

Any other ideas?

--
Sincerely,

Craig Vincent
Senior Webmaster/Programmer
Web Dream Inc.

 
 
 

.htaccess file configuration

Post by Joshua Sliv » Wed, 24 Nov 1999 04:00:00



Quote:>> 2. Use mod_rewrite to check the REMOTE_USER and redirect.

>> The second choice is the one I would use, since it will be faster
>> and allow some additional flexibility (eg. "transparent" internal
>> redirects, etc.)
> This is transparent...however I need the redirection based on the group the
> user belongs to...not the username itself...is there an ENV variable that
> checks for this?  I'm not aware of any myself :(

Check the recent discussion in comp.infosystems.www.servers.unix about
this topic.  It may be possible for you to get mod_rewrite to check
the group database for you.  (Well, actually, I'm sure it's possible.
I'm just not sure how complicated and/or slow it would be.)

--
Joshua Slive

http://finance.commerce.ubc.ca/~slive/

 
 
 

1. .htaccess files / configuration directives...

I have a site (actual path of /usr/local/www/site.com) which is running
off of a virtual host directive with Apache as follows:

<VirtualHost 192.168.0.11>
    ServerAdmin admin
    DocumentRoot /usr/local/www/site.com
    DirectoryIndex index.html
    ServerName www.site.com
    ErrorLog logs/error_log
    CustomLog logs/access_log common
</VirtualHost>

The site has the following structure:

/usr/local/www/site.com
                  \_ admin
                  \_ extra

I would like to have server-side includes activated for the root and
extra dirs, preferably with an .htaccess file in each...  also, the
admin dir needs an .htaccess file for authentication.. I have put
.htaccess files in dirs in the pass for authentication before, and have
working ones...

My httpd.conf file has the AllowOverride All in the / Directory to allow
the authentication method above...

I have tried the following inside the VirtualHost directive, and it
doesn't work:

<Directory "/usr/local/www/grahamarch.com">
  AllowOverride All
  AddHandler server-parsed html  
  Options +Includes IncludesNOExec
</Directory>

I also have put the whole thing inside of an .htaccess file in the
site.com dir, and that hoses the site altogether...  putting the options
in without the <Directory> tags doesn't hose the site, but the includes
don't work...

I know that I am missing something simple here... please if someone
could show me the "correct" way (or at least a working way) of doing
this... It seems more natural to do the .htaccess file in each dir that
needs special treatment, but I can't seem to get that to work at all...

Thanks in advance...

JH

--

Jeffrey Hood
HM Consulting, Inc.
jhood [you-know-why] at hmcon.com

2. Linux 7.1 Samba MS Network Browsing Issues

3. Apache server configurations & .htaccess files

4. RedHat 4.2 RPM dependencies failure

5. Apache: file-by-file .htaccess?

6. WWW and scripting

7. Problems ignoring .htaccess files using <Files> directive

8. QLogic QLA1040/1

9. Apache htaccess configuration with sub directories

10. .htaccess configuration...

11. .htaccess configuration

12. Proper .htaccess configuration

13. How to prevent reading of .htaccess in a .htaccess ?