I have an application made in CakePHP 2 that has a HTTP protection through .htaccess file. Already have an exception in a certain directory in webroot and works well.
AuthType Basic
AuthName "My Application"
AuthUserFile /my/application/path/.htpasswd
Require valid-user
SetEnvIf Request_URI "files/photos/" allow
Order allow,deny
Allow from env=allow
Satisfy any
But now also need an exception for a specific URL, which is a View of a certain Controller. I tried to simply add this line but it did not work, still requesting username and password.
SetEnvIf Request_URI "users/confirmation/" allow
I have UsersController and confirmation() method. The point is that one is a physical path and the other is "virtual".
Any idea for resolve this issue?
Solved by changing the lines containing the paths to be ignored by authentication:
SetEnvIf Request_URI "files/photos/" noauth=1
SetEnvIf Request_URI "users/confirmation/*" noauth=1
And then, adding the exception with the REDIRECT_ prefix:
Allow from env=REDIRECT_noauth