Is it possible to get the matched regex from within the apache LocationMatch directive?

Question

I'm wondering if the following code should be working:

<LocationMatch "/(.*)([/])?(.*)">
    Order allow,deny
    Allow from all

    AuthType Basic
    AuthName "Git"
    AuthUserFile  /git/.htpasswd
    AuthGroupFile /git/.htgroup
    Require group $1
</LocationMatch>

What I am trying to achieve with this is to require a group based on the first regex variable. So if the user goes to http://localhost/a-repository-name he has to be in the group a-repository-name to be able to open the url.

For some reason I can't get this code working and apache returns: Authorization of user **** to access /a-repository-name failed, reason: user is not part of the 'require'ed group(s).
I guess it's not matching against the proper variable at Require group $1.
Is this the right way to be done or I'm missing something?

score 7 · Answer 1 · answered Sep 21 '15 at 14:26

7

According to the Apache documentation this is now supported...

From 2.4.8 onwards, named groups and backreferences are captured and written to the environment with the corresponding name prefixed with "MATCH_" and in upper case. This allows elements of URLs to be referenced from within expressions and modules like mod_rewrite. In order to prevent confusion, numbered (unnamed) backreferences are ignored. Use named groups instead.

<LocationMatch "^/combined/(?<sitename>[^/]+)">
    require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
</LocationMatch>

answered Sep 21 '15 at 14:26

pillingworth

171
1
2

Wow! Thank you for answering such an old question! I'm glad they've included this in the newer versions. Unfortunately I can't accept your answer because the original answer was valid at the time. – tftd Sep 21 '15 at 14:39
Does this work? I tried something similar https://serverfault.com/questions/844571/proxypassmatch-environment-variable-usage and i cant get it to work – agent provocateur May 04 '17 at 18:31

score 2 · Accepted Answer · edited Sep 21 '15 at 16:07

2

LocationMatch doesn't support backreferencing, you can't do that in versions before 2.4.8.

edited Sep 21 '15 at 16:07

Dennis Nolte

2,881
4
27
37

answered Sep 03 '12 at 14:58

InternetSeriousBusiness

165
7

Can you please provide a link in the documentation where this is stated? I changed `Require group $1` to `Require group mygroup` and it worked perfect. – tftd Sep 03 '12 at 15:04
@tftd: Changed the wording. I meant regexp grouping, not the group you set in `Require`. – InternetSeriousBusiness Sep 03 '12 at 15:07
Is there any known workaround? – tftd Sep 03 '12 at 15:30
@tftd: I'm afraid you'll have to attack the problem from another angle. – InternetSeriousBusiness Sep 03 '12 at 17:12

Is it possible to get the matched regex from within the apache LocationMatch directive?

2 Answers2