[Linux] Different dirs for different logins with apache?
Danny Rathjens
linux@flux.org
Mon, 04 Jun 2007 10:17:07 -0400
Yeah, that was what I was thinking. Using mod_rewrite to redir to a specific
dir based on the environment var indicating the user they authenticated as;
which is $REMOTE_USER.
Kendrick Vargas wrote:
> I don't know that you couldn't do what the dude wanted with mod_rewrite.
> In fact it'd probably make his life easier, though there'd definitely be
> some trick involved.
>
> If apache allows setting variables within the configuration file based
> on some other criteria (and I believe it does), he could write a rewrite
> rule that does an internal redirect (invisible to the outside user) to a
> seperate file or webroot. I think it'd be possible, but it'd take some
> work on the part of the configurator.
> -peace
>
> Michael Beal wrote:
>> Yes, it is possible, Aaron. Using mod_rewrite as Danny suggests won't
>> get it. mod-rewrite doesn't work that way. mod_rewrite, AFAIK, is a
>> URL scrubber.
>>
>> 1) Set up a session cookie which will authenticate the user and expires
>> after a preset amount of time.
>> 2) Set up a MySQL DB that handles logins and "home" folders.
>> 3) Do some PHP script to determine who gets to see what.
>> 4) Add an .htaccess file to each directory that restricts access to
>> anyone other than the sysadmin(root) and webserver user(www or www-data
>> or www-html). I know this seems odd but remember that only Apache is
>> going to be accessing the logged in user's folder so there's no issue
>> with locking yourself out.
>>
>> As for the .htaccess file, you could get really tricky and force file
>> accesses to the logged in user. Don't ask me how on that one though...
>> No clue.
>>
>> --- Aaron Wolfe <Aaron@kdtsolutions.com> wrote:
>>
>>> Hi,
>>>
>>>
>>>
>>> I am not sure if this is possible, but thought one of the experts
>>> here
>>> might point me in the right direction.
>>>
>>> I would like to have a website that requires user authentication, and
>>> depending on the login supplied, serves up one of many different web
>>> roots. In other words, if you login as Bob you see one website and
>>> if
>>> you login as Terry you see a completely different one, with no way to
>>> navigate between the two.
>>>
>>>
>>>
>>> I could do this with a cgi that redirects based on the user, but I
>>> don't
>>> think it would be ideal or all that secure and I was hoping apache
>>> could
>>> be setup to do this automagically. I haven't found much about this
>>> searching on the web, so any ideas are appreciated.
>>>
>>>
>>>
>>> -Aaron
>>>
>>>
>>>
>>>
>>
>>
>>
>> ____________________________________________________________________________________
>> Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out.
>> http://answers.yahoo.com/dir/?link=list&sid=396545433
>> _______________________________________________
>> Linux mailing list
>> Linux@flux.org
>> http://www.flux.org/mailman/listinfo/linux
> _______________________________________________
> Linux mailing list
> Linux@flux.org
> http://www.flux.org/mailman/listinfo/linux
>