问题描述

与我的previous问题：.htaccess检查的Cookie，再有效的用户

Related to my previous question: .htaccess check for cookie first, then valid-user

大家好，我真的希望AP preciate由专家在这里一定的帮助。我的httpd.conf中应要求使用mod_auth_mysql或cookie的用户登录 - 但现在它只是检查用户登录。从previous问题的code现在位于我的httpd.conf。

Hi guys, I really would appreciate some help from the experts here. My httpd.conf should require a user login using mod_auth_mysql OR a cookie - but now it's only checking for a user login. The code from the previous question is now located in my httpd.conf.

什么是工作：

目前，对于用户所有的/ var / WWW /下载和子目录（在/ var / WWW /下载/〜用户名〜）要求用户名和密码，使用mod_auth_mysql。这工作。

Currently, all /var/www/downloads and subdirectories for users (/var/www/downloads/~username~) require a username and password using mod_auth_mysql. This works.

什么是不工作：

现在的问题是：我有设置，这应该要求或者使用登录mod_auth_mysql（作品），或一个cookie（不工作）。如果cookie present，那么它会自动显示该目录的内容，当用户进入到/ var / WWW /下载/。但事实并非如此，它要求用户名/密码不动。

The problem is: I have settings which SHOULD require either a login using mod_auth_mysql (works), or a cookie (doesn't work). If the cookie is present, then it should automatically display the contents of the directory when a user goes to /var/www/downloads/. But it doesn't, it asks for a username/password still.

我用SetEnvIf之后，但它可能会被不正确地使用以满足所有。可能我的httpd.conf文件和/站点启用/ 000默认的冲突。我不是大部分的东西经历过这里，所以任何帮助，将大量AP preciated！

I'm using SetEnvIf, but it might be being used incorrectly with "satisfy all". I might have conflicts between httpd.conf and /sites-enabled/000-default. I'm not experienced with most of the stuff here, so any help would be massively appreciated!

httpd.conf中：

RewriteEngine on
RewriteLogLevel 9
RewriteLog /var/www/logs/rewrite.log

#Block IPs
<Directory /var/www>
    RewriteEngine On

    #only use my server for apache
    RewriteCond %{HTTP_HOST} !^2.2.2.2$ [NC]
    RewriteRule ^(.*)$ http://www.google.co.uk/$1 [L,R=301]

    RewriteCond %{REMOTE_ADDR} 0.0.0.0 [NC,OR]
    RewriteCond %{REMOTE_ADDR} 1.1.1.1 [NC]
    RewriteRule ^(.*)$ http://www.google.com [R]
</Directory>

# DOWNLOADS TOP DIRECTORY
<Directory /var/www/downloads>
    #Options Indexes
    #AllowOverride All
    #Order deny,allow
    #Deny from all
    #Allow from All

    AuthName "Please don't hack the server, thanks"
    AuthBasicAuthoritative Off
    AuthUserFile /dev/null
    AuthMySQL On
    AuthType Basic
    Auth_MYSQL on
    Auth_MySQL_Host localhost
    Auth_MySQL_User user
    Auth_MySQL_Password password
    AuthMySQL_DB db
    AuthMySQL_Password_Table users
    Auth_MySQL_Username_Field username
    Auth_MySQL_Password_Field password
    Auth_MySQL_Empty_Passwords Off
    Auth_MySQL_Encryption_Types Plaintext
    Auth_MySQL_Authoritative On
    require user luke

</Directory>

# EXAMPLE USERS DIRECTORY
# MIKE
<Directory /var/www/downloads/mike>
    SetEnvIf Cookie (.*)cookiename(.*) norequire_auth=yes
    Order Deny,Allow
    deny from all
    Satisfy Any

    #MYSQL AUTH
    AuthName "Please login"
    AuthBasicAuthoritative Off
    AuthUserFile /dev/null
    AuthMySQL On
    AuthType Basic
    Auth_MYSQL on
    Auth_MySQL_Host localhost
    Auth_MySQL_User user
    Auth_MySQL_Password password
    AuthMySQL_DB db
    AuthMySQL_Password_Table users
    Auth_MySQL_Username_Field username
    Auth_MySQL_Password_Field password
    Auth_MySQL_Empty_Passwords Off
    Auth_MySQL_Encryption_Types Plaintext
    Auth_MySQL_Authoritative On
    require user mike

    #COOKIE AUTH
    Allow from env=norequire_auth
</Directory>

在情况下，它可能会帮助，站点启用/ 000默认：可能会造成冲突？ http://jsfiddle.net/Xcece/

​In case it may help, sites-enabled/000-default: may be causing conflicts? http://jsfiddle.net/Xcece/

我不使用.htaccess文件。我已经改变了周围指令的负载，并得到了完全迷失了。

I'm not using .htaccess files. I have changed a load of directives around and have gotten quite lost.

我不能为我的生命弄清楚为什么它不工作 - 我不太了解可能存在的冲突，在正确的方向解释这样一个点，这样我能避免这种情况在未来会大。谢谢你。

I can't for the life of me figure out why it's not working - I don't quite understand the conflicts that may exist, so a point in the right direction with explanation so I can avoid this in the future would be great. Thank you.

推荐答案

终于来了！一周搜索后...

Finally! After a week searching...

该问题是与设置cookie。具有不同的目录中的文件意味着该cookie没有被正确地读出httpd.conf文件 - 这实际上是正确的

The problem was with setting the cookie. Having the files in different directories meant that the cookie wasn't being read correctly by the httpd.conf - which is in fact correct.

我必须设置第四个参数为cookie来'/下载/麦克，从而允许其通过正确的httpd.conf文件中读取。

I had to set the fourth parameter for the cookie to '/downloads/mike' thereby allowing it to be read by the httpd.conf file correctly.

session_start();
setcookie("cookiename","cookiename",time() + 3600, '/downloads/mike');

记住使用时间（）破坏cookie时 - X 使用第四个参数摧毁它 /下载/麦克。

Just remember when destroying the cookie using time()-x to destroy it using the fourth parameter /downloads/mike.

这篇关于httpd.conf文件code不能正常工作 - 建议吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！