httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: MS Word, .htaccess & Passwords
Date Mon, 03 Jun 2002 17:18:07 GMT

On Mon, 3 Jun 2002 Lad.Gaal@cle.philips.com wrote:
> I have users directories at /home. So when a user has a word document and
> someone tries to access it, the browser puts up the "enter network
> password" box. You can click OK to the empty box or hit cancel and the .doc
> file proceeds to open. This type of scenario also happens in the protected
> area of the tree structure. The curious thing is that I have seen this only
> occur with MS word documents. It doesn't happen with pdf files, text files,
> etc.
>
> I have checked the mime types and played with the httpd.conf file till I'm
> blue. The only thing that I have found to get passed this trouble is to
> remove the .htaccess I am open to any and all suggestions to resolve this
> quirk while maintaining the security of .htaccess.

This sounds like typical MS-brain-dead behvior.  My guess: MSIE is looking
for frontpage extensions or some such thing to see if it will give
"publishing" access to the word document.  It looks for these files under
the document root.  If you didn't have authentication, they would just be
"not found", but since you have authentication, the server must ask for
auth before it can confirm that.

Solutions?  Well, you can check your access log for the particular files
that MS is looking for and deliberately unprotect those locations.  (You
won't have any files there, but if you unprotect the relevant directory,
you should be able to stop the password prompt.)

Joshua.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message