Authentify users comming from a range of address

30/09/2006, 15h01

Hi,

We have an apache 2.??? server and within this config some Directory,
Location, ProxyPass, etc.

1. Directory directives used to go within our php application:

<Directory /MySite/*>
....
</Directory>

2. Location directives are used to access on Subversion repositories

<Location /MySite/svn/myrepo01>
....
</Location>
<Location /MySite/svn/myrepo02>
....
</Location>

3. ProxyPass and ProxyPassReverse to rewrite access on internal j2ee
applications

ProxyPass /MySite/jira/ http://myinternalserver/MySite/jira
ProxyPassReverse /MySite/jira/ http://myinternalserver/MySite/jira

As you can see all those adresses begin with /MySite

It works well. The authentication for our internal users is done, if
necessary, by the different elements.

MY PROBLEM: I need to authentify users that are coming from a range of
IP Adresses. Those users are coming from Internet. There are going
trough a webgate server. This server have a certain range of addresses.

I imagine to use Proxy for this range of ip address. Is it the correct
technic?

And if Yes, How can I do to proxying all the different directives?

Thanks,

Bruno

30/09/2006, 15h58

Some more informations,

My goal is to find a technic to keep the different directives as it is,
and to surround them with a proxy or something like that. I want to
avoid to duplicate all the directives. I don't want a directive from
intranet and another one for this range of address.

The authentication is "just" to validate the incoming user. All those
incoming users are registered within a central ldap server.

Bruno

01/10/2006, 17h56

Is it a solution to put a Limit like this within the httpd.conf file?

<Limit>
order allow,deny
deny from X.Y.Z.[A..B]
allow from all
AuthType Basic
AuthLDAP...
Require valid-user
</Limit>

And outside this denied address, it is a full access.

Thanks,

Bruno

01/10/2006, 21h16

"blaisbr" <brnbls@gmail.com> schreef in bericht
news:1159721790.517542.254580@k70g2000cwa.googlegr oups.com...
> Is it a solution to put a Limit like this within the httpd.conf file?
>
> <Limit>
> order allow,deny
> deny from X.Y.Z.[A..B]
> allow from all
> AuthType Basic
> AuthLDAP...
> Require valid-user
> </Limit>
>
> And outside this denied address, it is a full access.
NO

Reading the documentation is an easier way to learn than guessing.

http://httpd.apache.org/docs/2.0/mod/core.html#limit

HansH

30/09/2006, 15h01	#1
brnbls@gmail.com Messages: n/a Hébergeur:	Authentify users comming from a range of address Hi, We have an apache 2.??? server and within this config some Directory, Location, ProxyPass, etc. 1. Directory directives used to go within our php application: <Directory /MySite/*> .... </Directory> 2. Location directives are used to access on Subversion repositories <Location /MySite/svn/myrepo01> .... </Location> <Location /MySite/svn/myrepo02> .... </Location> 3. ProxyPass and ProxyPassReverse to rewrite access on internal j2ee applications ProxyPass /MySite/jira/ http://myinternalserver/MySite/jira ProxyPassReverse /MySite/jira/ http://myinternalserver/MySite/jira As you can see all those adresses begin with /MySite It works well. The authentication for our internal users is done, if necessary, by the different elements. MY PROBLEM: I need to authentify users that are coming from a range of IP Adresses. Those users are coming from Internet. There are going trough a webgate server. This server have a certain range of addresses. I imagine to use Proxy for this range of ip address. Is it the correct technic? And if Yes, How can I do to proxying all the different directives? Thanks, Bruno

30/09/2006, 15h58	#2
blaisbr Messages: n/a Hébergeur:	Re: Authentify users comming from a range of address Some more informations, My goal is to find a technic to keep the different directives as it is, and to surround them with a proxy or something like that. I want to avoid to duplicate all the directives. I don't want a directive from intranet and another one for this range of address. The authentication is "just" to validate the incoming user. All those incoming users are registered within a central ldap server. Bruno

01/10/2006, 17h56	#3
blaisbr Messages: n/a Hébergeur:	Re: Authentify users comming from a range of address Is it a solution to put a Limit like this within the httpd.conf file? <Limit> order allow,deny deny from X.Y.Z.[A..B] allow from all AuthType Basic AuthLDAP... Require valid-user </Limit> And outside this denied address, it is a full access. Thanks, Bruno

01/10/2006, 21h16	#4
HansH Messages: n/a Hébergeur:	Re: Authentify users comming from a range of address "blaisbr" <brnbls@gmail.com> schreef in bericht news:1159721790.517542.254580@k70g2000cwa.googlegr oups.com... > Is it a solution to put a Limit like this within the httpd.conf file? > > <Limit> > order allow,deny > deny from X.Y.Z.[A..B] > allow from all > AuthType Basic > AuthLDAP... > Require valid-user > </Limit> > > And outside this denied address, it is a full access. NO Reading the documentation is an easier way to learn than guessing. http://httpd.apache.org/docs/2.0/mod/core.html#limit HansH

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email