Hi,
We have a mongrel site running behind Apache using ProxyBalancer to manage our cluster. We would like to use HTTP Authentication to restrict access to the site, but Apache's mod_auth only protects a directory - this is a problem because ProxyBalancer siphons off all the Rails requests before mod_auth has a chance to kick in.
Is it possible to restrict access to the site with our current setup?
Thanks, Gareth
Is it not possible to have a Location directive instead of Directory to apply auth to all requests? A while ago I got something like the following working:
<Location / > AllowOverride None AuthName "My Rails App" AuthType Basic AuthUserFile "/path/to/file"
<Limit GET POST> require valid-user </Limit> </Location>
Paul.
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks