requiring different users based at different IP addresses?

requiring different users based at different IP addresses?

Post by Chris Sid » Tue, 16 Feb 1999 04:00:00



I'm trying to require different users based on the client IP address.  For
example, if the client's IP address is 10.20.30.40, I only want to allow
user joe to have access.  But if the client address is 10.10.2.20, only
user testy.  No other IP address is allowed.

Below is my current .htaccess.  It seems that the allows and requires get
combined together, as both users joe and testy can come from either IP
addresses. (I only put the Limit GETs in hopes that would change things).
Anyone know how to do this?

 AuthType Basic
 AuthName some_domain
 AuthUserFile /home/blah/web_users

 <Limit GET>
  order deny,allow
  deny from all
  allow from 10.20.30.40
  require user joe
 </Limit>
 <Limit GET>
  order deny,allow
  deny from all
  allow from 10.10.2.20
  require user testy
 </Limit>

Thanks,
Chris Sidi

 
 
 

requiring different users based at different IP addresses?

Post by Joshua Sliv » Wed, 17 Feb 1999 04:00:00



> I'm trying to require different users based on the client IP address.  For
> example, if the client's IP address is 10.20.30.40, I only want to allow
> user joe to have access.  But if the client address is 10.10.2.20, only
> user testy.  No other IP address is allowed.
> Below is my current .htaccess.  It seems that the allows and requires get
> combined together, as both users joe and testy can come from either IP
> addresses. (I only put the Limit GETs in hopes that would change things).
> Anyone know how to do this?
>  AuthType Basic
>  AuthName some_domain
>  AuthUserFile /home/blah/web_users
>  <Limit GET>
>   order deny,allow
>   deny from all
>   allow from 10.20.30.40
>   require user joe
>  </Limit>
>  <Limit GET>
>   order deny,allow
>   deny from all
>   allow from 10.10.2.20
>   require user testy
>  </Limit>

Take out the <Limit GET> and </Limit> lines.  They are just confusing
you.  If you want to limit all methods, then you don't need any
<Limit> lines at all.  Limit sections do not group requirements like
you want.

One way to accomplish what you want is to leave out the host access
restrictions above, and allow both joe and testy to authenticate.
Then you could use mod_rewrite or a cgi script to check
the REMOTE_ADDR and REMOTE_USER environment variables and deny access
if they don't match your restrictions.

Another technique could be to use 2 aliases, both pointing at the
same directory, then use two <Location ...> sections to
provide the different restrictions.  Of course, while you would
only need the content once, you would need to give joe and testy
different URLs to access it.

There are probably a few other ways to do this, but those are all
that I am coming up with at the moment.

--
Joshua Slive

http://finance.commerce.ubc.ca/~slive/

 
 
 

1. OnDemand ijppp: different phone numbers for different ip addresses

hey,

am trying something out, but on reading the docs cant seem to find a
solution. i do know and have run ijppp in on-demand mode and it works
fine. now here's the clincher. what i really need is to have ijppp dial
to different phone numbers for different dest ip networks, say for
10.0.0.0/8 i gotta dial 123 4567 and for 11.0.0.0/8 i gotta dial 987
6543.

it would also be great if all of this would only need one modem and one
serial port. possible ?

--
Regards,                        /\_/\   "All dogs go to heaven."

+=======================----oOO--(_)--OOo----=========================+
|for a in past present future; do                                     |
| for b in clients employers associates relatives neighbours pets; do |
| echo "The opinions here in no way reflect the opinions of my $a $b."|
|done; done                                                           |
+=====================================================================+
http://pgp.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=0x230096E9

2. IDE cd burning under x86

3. Different Web Page for different client IP address?

4. Handling Time on Linux

5. Display different home page based on IP address?

6. Cannot load module parport_pc.o

7. How can I show a different home page based on IP address ?

8. Win98: cant copy to linux, but can't read from it

9. Different Page Based On Incoming IP Address/Host

10. Makefiles involving files in different directories requiring different compilers

11. Binding a single IP Address to two different MAC addresses

12. 2 IP addresses on 1 NIC - Are different net addresses possible??

13. Apache: different default locations for different users?