Basic Authentication for entire server 1

[grega]

We have an installation (Solaris) running Oracle Application Server 10g which ships with Apache.

Is it possible to implement basic authentication in such a way that any requests to the HTTP server require a login/password? Preferably within httpd.conf.

We have a document root defined - but in our implementation there is nothing under it (due to the way Oracle implements the J2EE applications which are running). We have a number of virtual hosts listening on specific ports, and a number of directory aliases to other areas of the filesystem.

So, because of Oracle, this is not a "standard" Apache installation, but any pointers would be appreciated.

Greg.

 

[siberian]

Sure, just add a Location directive that protects the entire server

<Location />
require valid-user
bla
bla
bla
bla
</Location>

As long as you have a document root to protect this should work.

 

[grega]

Thanks Siberian, I'll look into this. As I said, Oracle may complicate things but it's worth a try.

Greg.

 

[siberian]

Why would oracle complicate it? Your protected the URI space which is before oracle enters scope at the app level.

 

[grega]

Just tried that and it seems to do what we want. Thanks.

Greg.