I have an apache 2.4 site protect with mod-auth-openidc. Is there a way to unprotect a particular within that protected area? Right now my apache config has one small paragraph where mod-auth-openidc is configured to protect the entire site. I discovered there are three out of a possible 137 that don't need to be protected. If there is no way to unprotect a then I will have to individually protect or unprotect all 137 . That's a lot of configuration changes.
In the past I've been able to unprotect specific locations by creating a tag and specifying Allow from all and Satisfy any. This doesn't work when using mod-auth-openidc. I also found a post that talked about providing public access by using SetEnvIf but that doesn't work either.
<Location /mynewsite>
# Protect everything using oidc
AuthType openid-connect
Require claim "sub~^employeeGroup2*"
# Don't protect employeeplans
SetEnvIf Request_URI "(/mynewsite/employeeplans/)$" allow
Order allow,deny
Allow from env=allow
Satisfy any
</Location>
I'm not going to create 137 config paragraphs in my apache config. If there is no solution I'll have to scrap this project.
Using AuthType None on those paths should do it.