Protecting a Mongrel site with Apache htauth

Gareth_Adams · May 24, 2007, 2:55pm

Hi,

We have a mongrel site running behind Apache using ProxyBalancer to manage our cluster. We would like to use HTTP Authentication to restrict access to the site, but Apache's mod_auth only protects a directory - this is a problem because ProxyBalancer siphons off all the Rails requests before mod_auth has a chance to kick in.

Is it possible to restrict access to the site with our current setup?

Thanks, Gareth

Paul_Wright · May 25, 2007, 4:44pm

Is it not possible to have a Location directive instead of Directory to apply auth to all requests? A while ago I got something like the following working:

<Location / > AllowOverride None AuthName "My Rails App" AuthType Basic AuthUserFile "/path/to/file"

<Limit GET POST> require valid-user </Limit> </Location>

Paul.

Topic		Replies	Views
OT:Mongrel and Apache rubyonrails-talk	10	143	November 13, 2006
rails deployment rubyonrails-talk	4	104	January 10, 2008
Apache mod_proxy mongrel_cluster and subversion http rubyonrails-talk	0	142	May 21, 2007
authenticating in Apache before Rails rubyonrails-talk	1	206	December 8, 2006
Apache, REMOTE_USER, and Mongrel rubyonrails-talk	4	302	January 6, 2009

Protecting a Mongrel site with Apache htauth

Related topics

More Resources