Combining host and password restriction
You may wish to combine the two methods of authentication. Using our group project example, you might want to allow access to any group member who is either on the list of accepted domain-names and/or IP addresses OR can provide a valid name and password. That way, if the group members aren't at their own computers, they can still access the directory by supplying a password. Note: not all servers support this feature. You'll have to try it to find out.
Getting some satisfaction
To combine the two methods, you will need to use the satisfy command. It has two options: any or all. To create the situation described above for your group members, you would do this:
AuthUserFile /otherdir/.htpasswd AuthGroupFile /dev/null AuthName My Secret Stuff AuthType Basic order deny,allow deny from all allow from require user buddy zippy satisfy any
This will allow the user to either gain access by using your computer or by logging on as buddy or zippy. The other use of satisfy would be for something like this:
AuthUserFile /otherdir/.htpasswd AuthGroupFile /dev/null AuthName My Secret Stuff AuthType Basic order deny,allow deny from all allow from require user buddy zippy satisfy all
This would require the user to be both on your computer and to enter a correct password for buddy or zippy. If they can't meet these criteria, they get an error message and they do not get access to your files.
For more information
For more information on some of the other advanced uses of user authentication, check out the resources page.
|Justin R. Miller / firstname.lastname@example.org / 04.17.98|