I need some help with this simple directory access rules - sorry I just started playing with Apache 2.4 and not done this before.
I have configured Apache 2.4 to a stage where I can see a login for for protected resources and once I enter the user/pass I get access to the protected resourced.
Now I want to do the following which I am not sure how I can get this done.
- Web root is set to /var/www
- /var/www/login - anyone can access, no auth required as this folder contains login.html and logout.html. ( I got this working)
- /var/www - all other contents in the root of my app can only be accessed after authentication. This is the part I don't know how to setup.
My vhost conf looks like this.
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host2.example.com
DocumentRoot "/var/www"
ServerName auth-test.ml.com
ErrorLog "logs/test-error_log"
CustomLog "logs/test-access_log" common
<Directory "/var/www">
AuthFormProvider file
AuthType form
AuthName "Reserved Area"
Session On
SessionCookieName session path=/
require valid-user
# This is the login page
ErrorDocument 401 /login/index.html
# This is the file containing users login data
AuthUserFile /usr/local/apache2/auth/.htpasswd
</Directory>
<Directory /var/www/login>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
AT the moment when I access the app like http://example.com I expect to see the login.html page returned but I get the following error message:
Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Additionally, a 401 Unauthorized error was encountered while trying to use an ErrorDocument to handle the request.
How can I make this work?
