Is it possible to nest basic auth? So that the parent folder and all subfolders can be accessed using one basic auth directive but subfolders have seperate auth
VHost config:
<VirtualHost *:80>
ServerName subdomain.domain.com
#
# Comment
#
ErrorLog "/var/log/httpd/analytics_prox_error_log"
CustomLog "/var/log/httpd/analytics_prox_access_log" common
SSLProxyEngine on
SSLProxyVerify none
ProxyRequests Off
<Location />
AuthType Basic
AuthName "ProxyMain"
AuthUserFile /var/www/analytics-auth/.htpasswd
Require user datateam
Satisfy any
Deny from all
Allow from 192.168.0.0/16 10.0.0.0/8
</Location>
<Location /folder1/>
AuthType Basic
AuthName "Proxy"
AuthUserFile /var/www/analytics-auth/.htpasswd
Require user mainuser folder1user
Satisfy any
Deny from all
Allow from 192.168.0.0/16 10.0.0.0/8
</Location>
<Location /anotherfolder/>
AuthType Basic
AuthName "Proxy"
AuthUserFile /var/www/analytics-auth/.htpasswd
Require user mainuser anotherfolderuser
Satisfy any
Deny from all
Allow from 192.168.0.0/16 10.0.0.0/8
</Location>
ProxyPass / https://1.1.1.1/
ProxyPassReverse / https://1.1.1.1/
</VirtualHost>
The basic auth that is prompted for / is the same for all the sub folders and works correctly. (AuthMain) However if I browse to a specified folder such as folder1 i get the root basic auth and not the basic auth specific to that location
From the documentation on the
<Location>directive, the firstLocationdirective matches all the other paths too. Since you are using Apache 2.4, you should be able to use negative matches withLocationMatch. Something alongshould work.
This was caused by a lack of quotes around the folders in Location. Adding double quotes around them resolved this for me.