|
reghigh
reghigh at thefactz.org
Thu Oct 6 09:31:10 EDT 2005
Trevor Hennion wrote: > reghigh wrote: > >> Gregory (Grisha) Trubetskoy wrote: [snip] > > > Hi, > > There are limitations in using <Location> directives. > From the Apache manual: > > <Location> sections operate completely outside the filesystem. This has > several consequences. Most importantly, <Location> directives should not > be used to control access to filesystem locations. > When to use <Location> > Use <Location> to apply directives to content that lives outside the > filesystem. For content that lives in the filesystem, use <Directory> > and <Files>. An exception is <Location />, which is an easy way to apply > a configuration to the entire server. > > HTH > > Trevor Hennion > http://www.infocentrality.co.uk Thanks for this Trevor. I had read this part of the manual as well as stuff on Directory etc before my original post. I pointed out in there that I could get similar behaviour using a Directory handler. Furthermore even leaving that aside I am not quite sure how this changes anything. I was using <Location /> precisely because I *do* want to restrict access to entire server. Futhermore I am not really concerned at present that Location may not be the best way to implement security (as detailed in the apache manual) but rather that the Location directive seems to result in multiple calls to authenhandler with different url paths (as detailed in previous posts). Regards, Tristan
|