SetEnvIf-Am I doing this right?

SetEnvIf-Am I doing this right?

Post by Chris McFarlin » Sat, 30 Mar 2002 10:56:34



I'm attempting to use the SetEnvIf directive so anyone accessing a
particular directory from a particular domain will be authenticated with a
particular username without being challenged with a username/password dialog
box.

It doesn't appear that REMOTE_USER is getting set to the value "webuser" as
I would like it to.
Is this even possible and if so, what am I doing wrong.

Here is the contents of access.conf.
-------------------------------------------------------------------
SetEnvIfNoCase Referer ^http://www\.xyz REMOTE_USER='webuser'

<Directory /usr/etc/directoryname>
AllowOverride None
AuthType Basic
AuthName Name
require valid-user
AuthUserFile /var/adm/directory/abc.userfile
Options ExecCGI
</Directory>
-----------------------------------------------------------------------
--
--
Chris McFarling

 
 
 

SetEnvIf-Am I doing this right?

Post by Joshua Sliv » Sat, 30 Mar 2002 13:08:06



> I'm attempting to use the SetEnvIf directive so anyone accessing a
> particular directory from a particular domain will be authenticated with a
> particular username without being challenged with a username/password dialog
> box.

You can't do that.  The closest you can come is

SetEnvIfNoCase Referer ^http://www\.xyz goodref
AuthType Basic
AuthName Name
AuthUsererFile ...
require valid-user
order deny,allow
deny from all
allow from env=goodref
satisfy any

This will let the right people in, but won't set REMOTE_USER for the
non-validated people.  You can, however, just check "goodref" in
your scripts.

Also note that using Referer for any sort of authentication is a bad
idea.  It can be trivialy faked by the client.

--
Joshua Slive

Apache HTTP Server Users Mailing List: http://httpd.apache.org/userslist.html

 
 
 

1. setenvif doesn't seem to work properly - what am I doing wrong ?

Folks,

I run htDig on my home intranet every night, and I want to filter out the
"digger's" searching from my main log. I thought it might be useful to send
it to /dev/null :-)  Here's what I have in my config file:

SetEnvIfNoCase User-agent  \.*htdig\.* htdigger
LogFormat "%{User-agent}i" agent
CustomLog /var/log/httpd/agent_log agent
CustomLog /dev/null agent env=htdigger

I -think- i'm saying: "if the user agent contains htdig, then set the
environment variable htdigger. define a custom log format called agent
which just holds the user agent. define a custom log called agent_log for
other user agents, except if the digger env var is set, then send it to
/dev/null."

Unfortunately, it still annoyingly puts all of htDig's accesses in the main
log.  I think it might be something to do with my regex.

Any ideas ?

Thanks !

2. Europe Tests Established Chemicals on Millions of Animals

3. Shutdown problems...am I doing it right?

4. Linux > Banyan

5. ipchains filter - am i doing this right? (Sorry)

6. nfs export fails with @netgroup entry

7. ipchains filter - am i doing this right?

8. ? how to insert footers using server and not ssi ?

9. RedHat 5.2 dialler - am i doing it right ?

10. LVM...am I doing this right?

11. Am I doing this right?

12. This clone thing...am I stupid, or am I right?