From owner-freebsd-questions@FreeBSD.ORG  Mon Mar  6 12:53:48 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9758F16A420
	for <questions@freebsd.org>; Mon,  6 Mar 2006 12:53:48 +0000 (GMT)
	(envelope-from glenn@antimatter.net)
Received: from cobalt.antimatter.net (cobalt.antimatter.net [69.55.224.239])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 59F7643D46
	for <questions@freebsd.org>; Mon,  6 Mar 2006 12:53:48 +0000 (GMT)
	(envelope-from glenn@antimatter.net)
Received: from foo.antimatter.net (cpe-72-132-244-217.san.res.rr.com
	[72.132.244.217]) (authenticated bits=0)
	by cobalt.antimatter.net (8.13.4/8.13.4) with ESMTP id k26DNepw012441
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 6 Mar 2006 05:23:41 -0800
X-MailKey: purple frogs are falling from the sky
Message-Id: <7.0.1.0.2.20060306044151.08607410@antimatter.net>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 06 Mar 2006 04:52:21 -0800
To: Scott Sipe <cscotts@mindspring.com>, questions@freebsd.org
From: Glenn Dawson <glenn@antimatter.net>
In-Reply-To: <013B73DF-99AA-4B20-BFB7-0A1130EBE780@mindspring.com>
References: <013B73DF-99AA-4B20-BFB7-0A1130EBE780@mindspring.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Cc: 
Subject: Re: Apache auth question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Mar 2006 12:53:48 -0000

At 03:56 AM 3/6/2006, Scott Sipe wrote:

>I am dealing with a company LAN that lives behind an OpenBSD based
>firewall+NAT machine. All internal machines have 10.x.x.x addresses.
>
>One of the internal machines acts as an intranet webserver. Everyone
>in the building should be able to access it.
>
>I would ALSO like to expose it to the outside, and have outside
>requests authenticate. So everyone with a 10.x.x.x still has no
>limits, and external addresses after authenticating with a username/ 
>password have full access. Is this possible to do with apache2 config
>files?

Something like this should do what you want:

<Directory /docroot>
     AuthType basic
     AuthName "foo"
     AuthUserFile /path/to/htpasswds
     Order Deny,Allow
     Deny from all
     Require valid-user
     Allow from 10.0.0.0/16
     Satisfy any
</Directory>



>Scott
>_______________________________________________
>freebsd-questions@freebsd.org mailing 
>listhttp://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"