[Solved] auth for nested folders and multiple users
Added by stokito about 2 years ago
I have a `/dav/` folder that I wan't to be acessible to `admin` with all subfolders and `/dav/media/` that accessible to a `player` user but also to `admin`:
auth.require = (
"/dav/" => ("method" => "basic", "realm" => "disk", "require" => "user=admin"),
"/dav/media/" => (
"method" => "basic",
"realm" => "disk",
"require" => "user=player"
)
)
And the admin user can list all subdirs but the player user don't and gets 401.
This is not something that I expected. If only the player user can access the folder that would something that makes sense e.g. a personal folder.
But later I get the logic: it's just a map and values are overrided.
In this case it would be better to show an error or fail because any mess with auth may be critical.
I found how to make the workaround:
$HTTP["url"] =~ "^/dav($|/)" {
auth.require = (
"/dav/" => (
"method" => "basic",
"realm" => "disk",
"require" => "user=admin"
)
)
$HTTP["url"] =~ "^/dav/media($|/)" {
auth.require = (
"/dav/" => (
"method" => "basic",
"realm" => "disk",
"require" => "user=admin|user=player"
)
)
}
}
But this is too complicated and bloated so if I put an instruction I'm afraid that some users may configure it incorrectly.
Maybe it's possible to do something about this?
Some similar articles:
https://redmine.lighttpd.net/projects/1/wiki/howtoauthenticationfrommultiplefiles
Looks similar but uses different htaccess files which is something that overcomplicated as for me.
https://redmine.lighttpd.net/boards/2/topics/1458 how to exclude a folder
Replies (2)
RE: WebDAV subfolders for diferent users - Added by gstrauss about 2 years ago
Put the longest match first.
auth.require = ( "/dav/media/" => ( "method" => "basic", "realm" => "disk", "require" => "user=admin|user=player" ), "/dav/" => ( "method" => "basic", "realm" => "disk", "require" => "user=admin") )
RE: [Solved] auth for nested folders and multiple users - Added by stokito about 2 years ago
Thank you, I checked and it works.