我们有一个网站,用户需要有效的 jwt 令牌才能访问,但是我们需要特定的 IP 访问权限,而无需令牌。以下是我尝试使用但无济于事的方法:
<Directory ${VIDEO_ROOT}>
Header always set Access-Control-Allow-Headers "Authorization"
AllowOverride All
<LimitExcept OPTIONS>
AuthType jwt
AuthName "private area"
Require jwt-claim user=genericuser # username of some kind must exist
Require valid-user
</LimitExcept>
SetEnvIF X-Forwarded-For "^1\.2\.3\.4" ip_ok
Allow from env=ip_ok
Satisfy any
</Directory>
有没有 Apache 专家能帮我理解正确的做法?我确实需要使用 X-Forwarded-For
答案1
感谢@diya,下面的方法似乎可以解决问题:
<Directory ${VIDEO_ROOT}>
Header always set Access-Control-Allow-Headers "Authorization"
AllowOverride All
SetEnvIF X-Forwarded-For ^1\.2\.3\.4 ip_ok
<LimitExcept OPTIONS>
AuthType jwt
AuthName "private area"
<RequireAny>
Require jwt-claim user=genericuser # username of some kind must exist
Require valid-user
Require env ip_ok
</RequireAny>
</LimitExcept>
</Directory>