How can I disable Kerberos authentication for only the root of my site?

Posted by petRUShka on Server Fault See other posts from Server Fault or by petRUShka
Published on 2012-07-02T18:03:48Z Indexed on 2012/07/05 9:17 UTC
Read the original article Hit count: 347

Filed under:

apache2

|

authentication

|

kerberos

|

url

|

authorization

I have Kerberos-based authentication and I want to disable it on only root url: http://mysite.com/. And I want it to continue to work fine on any other page like http://mysite.com/page1.

I have such things in my .htaccess:

AuthType Kerberos
AuthName "Domain login"
KrbAuthRealms DOMAIN.COM
KrbMethodK5Passwd on
Krb5KeyTab /etc/httpd/httpd.keytab
require valid-user

I want to turn it off only for root URL. As workaround it is possible to turn off using .htaccess in virtual host config. Unfortunately I don't know how to do it.

Part of my vhost.conf:

    <Directory /home/user/www/current/public/>
            Options -MultiViews +FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
    </Directory>

UPD. I'm using Apache/2.2.3 (Linux/SUSE)

I tried to use such version of .htaccess:

SetEnvIf Request_URI ^/$ rootdir=1
Allow from env=rootdir
Satisfy Any
AuthType Kerberos
AuthName "Domain login"
KrbAuthRealms DOMAIN.COM
KrbMethodK5Passwd on
Krb5KeyTab /etc/httpd/httpd.keytab
require valid-user

Unfortunately such config turn Kerberos AuthType for all URLs. I tried to place first 3 lines

SetEnvIf Request_URI ^/$ rootdir=1
Allow from env=rootdir
Satisfy Any

after main block, but it didn't help me.

Developer IT