I'm setting up a media server in the anthropology department using Mac OSX 10.5 Server. With the demise of the C-Labs service, I wanted a secure way to make streaming video available for in-class use. The Mac OS X Leopard Server was an obvious choice.
Right now, I'm just using flat files and the Mac OSX Server built-in Apache server. In order to restrict the streams to just Yale students, I wanted to limit the contents of certain directories to just Yale IP addresses.
This should be easily done using .htaccess files. However, the default configuration doesn't have .htaccess services turned on (since it is server / file system intensive to do so). However, I couldn't for the life of me to get the Apache server to recognize my modifications in the
/etc/httpd/httpd.conf file. ARGHH!!! It was almost as if it was ignoring it.
It turns out that Mac OSX Server 10.5 uses Apache 2.0 by default and the *real* configuration file is located in:
Why Apple didn't include a nice little README to this effect -- or symlink the old location to the new, I don't know. It's even more confusing as the majority of Mac OSX Server help pages on the net reference earlier versions of Mac OS X server, where the files are in the older directory.
In any case, I managed to modify the /etc/apache2/httpd.conf file and get local .htaccess files working.
My .htaccess files look something like this:
This seems to work, but I'd love to get more feedback from people with more experience with MacOSX Server.
AuthUserFile /locationofmyhtpasswdfile/.htpasswd AuthName "Please enter your userid / password for off-campus use" AuthType Basic <limit GET POST> satisfy any order allow,deny allow from .yale.edu require valid-user </limit>