我正在尝试排除路径(URI)被基本的http auth阻止。 路径是/ rest(http://example.com/rest)并且表示cakephp 3应用程序的控制器。它不是一个真正的文件,而是一个由重写条件重写的路径,并由webroot目录中的index.php处理。
这是重写规则:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>
:
/var/www/webroot/.htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
Require expr %{REQUEST_URI} =~ m#/rest/.*#
Require expr %{REQUEST_URI} =~ m#/index.php/rest/.*#
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
我正在运行apache 2.4并尝试了不同的配置:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location "/rest">
Allow from all
Satisfy any
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
...改编自https://stackoverflow.com/a/33655232/1285585
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location "/rest">
Require all granted
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</Virtualhost>
...来自https://serverfault.com/a/475845/229877
...
<Location "/">
SetEnvIf Request_URI ^/rest noauth=1
SetEnvIf Request_URI /rest noauth=1
SetEnvIf Request_URI ^/index.php/rest noauth=1
SetEnvIf Request_URI /index.php/rest noauth=1
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=noauth
</Location>
...来自https://www.apachelounge.com/viewtopic.php?p=30200
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location ~ "/(rest|index.php/rest)">
Satisfy Any
Allow from all
AuthType None
Require all granted
</Location>
...来自https://stackoverflow.com/a/8979889/1285585
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Files "index.php/rest">
Satisfy Any
Allow from all
</Files>
<Files "rest">
Satisfy Any
Allow from all
</Files>
...来自https://stackoverflow.com/a/13296294/1285585
Public Function _FIll(ByVal sQuery As String) As DataTable
_FIll = New DataTable
Using _cmd As New SqlCommand
With _cmd
.Connection = dbMain
.CommandText = sQuery
'.CommandTimeout = 0
Using _da As New SqlDataAdapter(_cmd)
Using _dt As New DataTable
Try
_da.Fill(_dt)
Return _dt
Catch ex As Exception
' Return Nothing
End Try
End Using
End Using
End With
End Using
End Function
...来自HTTP Basic Auth Exclude Single File
然而,它们似乎都不起作用。我总是使用wget或来自浏览器的auth请求获得错误401。
问题似乎是,路径/休息传递了条件但后来被重写为index.php,它受基本身份验证的控制(并且必须是)。
任何线索?
答案 0 :(得分:9)