The new regex matching stuff rocks... except it's missing one thing
Ian Hobson
ian at ianhobson.co.uk
Thu Mar 12 01:30:07 MSK 2009
mike wrote:
> The auth stuff doesn't support it.
>
> Any ideas on how to support dynamically populating the
> auth_basic_user_file? Is this a quick and dirty thing? That'd be
> awesome if it was.
>
> location ~* ^/foo/private/(.*) {
> alias /home/foo/web/private/$1/;
> auth_basic "Restricted files";
> auth_basic_user_file /home/foo/web/private/$1/.htpasswd;
> }
>
>
> 2009/03/11 16:16:39 [crit] 14097#0: *11 open()
> "/home/foo/web/private/$1/.htpasswd" failed (2: No such file or
> directory), client: 1.2.3.4, server: foo.com, request: "GET
> /foo/private/demo-video/ HTTP/1.1", host: "foo.com"
>
I would have thought a new param, to list the users who were permitted
to authenticate would be more flexible. That way, you have one password
file, and only one password to change for a user who has access to
multiple areas.
permit_user <list>; and deny_user <list>; perhaps.
And why risk having your password file in your web tree?
Regards
Ian
More information about the nginx
mailing list