gpt4 book ai didi

apache - 从 http 基本身份验证中排除特定的 cakephp Controller

转载 作者:行者123 更新时间:2023-12-02 08:06:41 29 4
gpt4 key购买 nike

我正在尝试排除基本 http 身份验证阻止的路径 (URI)。路径是/rest ( http://example.com/rest ),代表 cakephp 3 应用程序的 Controller 。它不是一个真正的文件,而是一个由重写条件重写并由 webroot 目录中的 index.php 处理的路径。

重写规则如下:

/var/www/.htaccess:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>

/var/www/webroot/.htaccess:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

我正在运行 apache 2.4 并尝试了不同的配置:

<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
Require expr %{REQUEST_URI} =~ m#/rest/.*#
Require expr %{REQUEST_URI} =~ m#/index.php/rest/.*#
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

...改编自https://stackoverflow.com/a/33655232/1285585

<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location "/rest">
Allow from all
Satisfy any
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

... 来自 https://serverfault.com/a/475845/229877

<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>
<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location "/rest">
Require all granted
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</Virtualhost>

... 来自 https://www.apachelounge.com/viewtopic.php?p=30200

...
<Location "/">
SetEnvIf Request_URI ^/rest noauth=1
SetEnvIf Request_URI /rest noauth=1
SetEnvIf Request_URI ^/index.php/rest noauth=1
SetEnvIf Request_URI /index.php/rest noauth=1

AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=noauth
</Location>

... 来自 https://stackoverflow.com/a/8979889/1285585

 <Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Location ~ "/(rest|index.php/rest)">
Satisfy Any
Allow from all
AuthType None
Require all granted
</Location>

... 来自 https://stackoverflow.com/a/13296294/1285585

<Location "/">
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user
</Location>
<Files "index.php/rest">
Satisfy Any
Allow from all
</Files>
<Files "rest">
Satisfy Any
Allow from all
</Files>

... 来自 HTTP Basic Auth Exclude Single File

但是,它们似乎都不起作用。我使用 wget 或来自浏览器的身份验证请求时总是收到错误 401。

问题似乎是,路径/rest 通过了条件,但随后被重写为 index.php,它受到基本身份验证的控制(并且必须如此)。

有什么线索吗?

最佳答案

当我偶然发现相关问题的答案(https://stackoverflow.com/a/14010456/1285585)时,我终于弄清楚了。

这是我的解决方案:

<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/webroot
<Directory /var/www>
Options FollowSymLinks
AllowOverride All
</Directory>

<Location "/">
# Default to Basic Auth protection for any stie
AuthType Basic
AuthName "Keawe Development"
AuthUserFile /host/.htpasswd
Require valid-user

# If the request goes to a rest page: bypass basic auth
SetEnvIf Request_URI ^/rest/ noauth=1
Allow from env=REDIRECT_noauth
Allow from env=noauth

Order Deny,Allow
Satisfy any
Deny from all
</Location>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

关于apache - 从 http 基本身份验证中排除特定的 cakephp Controller ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41077895/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com