Bug 14726 - satisfy directive scope problem?
Summary: satisfy directive scope problem?
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core (show other bugs)
Version: 2.0-HEAD
Hardware: All All
: P3 enhancement (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2002-11-21 02:25 UTC by bewdy_au
Modified: 2004-11-16 19:05 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description bewdy_au 2002-11-21 02:25:23 UTC
I set up a server script directory called /bug containing the 
attached .htaccess file and script, test.cgi.  In this configuration, GETing 
and POSTing /bug/test.cgi both require authentication.  If the order of the 
Limit directives is reversed, neither requires authentication.  Should 
the "satisfy all" and "satisfy any" directives be limited to the scope of the 
respective Limit directives?  This setup is just to demonstrate the problem and 
not what I actually want to achieve.

------------------------ .htaccess ----------------------------------
    AuthType Basic
    AuthName Basic
    AuthUserFile /usr/local/apache2/htaccess/htpasswd
    AuthGroupFile /usr/local/apache2/htaccess/htgroup

    <Limit GET>
        satisfy any
        allow from all
        require valid-user

    <Limit POST>
        satisfy all
        allow from all
        require valid-user

---------------------- test.cgi -------------------------
cat <<EOD
Content-type: text/html

<form action="/bug/test.cgi" method="post">
<input type="submit">

Comment 1 André Malo 2004-03-14 16:28:05 UTC
It never worked. But considered useful ;)
It was fixed in 2.1 and is a possible candidate for being backported into 2.0.

Thanks for the report and for using Apache.