我正在尝试对除正则表达式之外的所有 URL 的用户进行身份验证:
https://www.example.com/****anything****应该请求身份验证
https://www.example.com/exams/****anything****不应该请求身份验证
这是我今天的配置,但它不起作用:
<LocationMatch "^/exams">
Order allow,deny
Allow from all
</LocationMatch>
<Location "/">
Order allow,deny
Allow from all
AuthType Basic
AuthName "PLEASE,AUTHENTICATE"
AuthBasicProvider ldap-employees
Require valid-user
</Location>
它要求对每个 URL 进行身份验证
答案1
我认为如果您有mod_authz_host和,您可以做到这一点mod_rewrite。基本上,如果 URL 与 /exams 匹配,则设置一个环境变量并查找该变量,如果设置为允许访问。请参阅下面的示例。在此示例中,您不会有额外的标签<Location>。
SetEnvIf Request_URI "^/exams.*" accessgranted=1
<Location "/">
Order deny,allow
Satisfy any
Deny from all
Allow from env=accessgranted
AuthType Basic
AuthName "PLEASE,AUTHENTICATE"
AuthBasicProvider ldap-employees
Require valid-user
</Location>
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow