Sometimes you want to setup a directory structure in apache such that logged in users can only see their own directory. (i.e. the directory name and the username match.)
What do you put in the configuration so that apache will check this?
Asked
Active
Viewed 72 times
1 Answers
1
So the idea is that people just browse to /directory/ and enter their username and password. It will then redirect them to /directory/username/ and check that the directory and username match if they try to go to someone else's directory.
AuthType Basic
AuthName "Your Realm Name"
Order allow,deny
AuthUserFile .......
Require valid-user
RewriteEngine On
#If just to /directory then redirect to the per user area
RewriteRule ^$ /directory/%{REMOTE_USER} [R,L]
#WARNING: make sure usernames can't have slashes in them
#grab the directory from the URL from RewriteRule (it's called $1)
#use a REGEX backreference to see if $1 equals %{REMOTE_USER} with a slash in between for performance
RewriteCond $1/%{REMOTE_USER} !^([^/]+)/\1$
#If they don't match then give them a fail page
RewriteRule ^([^/]+) - [F]
Ariel
- 111
- 2