httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] Basic Authentication with Apache 2.44 on Solaris 8 doesn't appear to work
Date Mon, 28 Apr 2003 07:03:58 GMT
>-----Original Message-----
>From: Ezra [mailto:ezra@acedsl.com]
>
>You forgot to use:   Allowoverride 
>AuthConfig in the directory 
>container where you want Authentication.  I came across the same 
>situation a few weeks back(I was ready to punch my monitor).  So your 
>setup should look like:

This is not the problem; "AllowOverride" allows .htaccess files to kick
in so would be needed if his auth stuff was in a .htaccess. But he is
defining the authentication directives in the config file so doesn't
need it.

Other suggestions:

- check you don't have a "Satisfy any" directive applying to this dir
(even by inheritance).
- check there are no messages in the error_log (e.g. could not find
file...)
- check the user cfusion exists in the password file (careful of
case...)
- try "Require valid-user" instead.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


>
>
>Directory "/space/usr/jrun4/servers/default/cfusion/DLC/admin/">
>
>
>  AllowOverride AuthConfig ###################### You need this line
>
>##Don't forget your access restrictions.  example below
>#########################This is just an example
>order allow,deny
>Allow from all
>###############################################
>  AuthType Basic
>  AuthName "Restricted"
>  AuthUserFile /space/usr/jrun4/servers/default/passwd/passwords
>  Require user cfusion
>  </Directory>
>
>
>
>
>Ezra Taylor
>
>Richard Crawford wrote:
>> My Directory section looks like this:
>> 
>> <Directory "/space/usr/jrun4/servers/default/cfusion/DLC/admin/">
>> AuthType Basic
>> AuthName "Restricted"
>> AuthUserFile /space/usr/jrun4/servers/default/passwd/passwords
>> Require user cfusion
>> </Directory>
>> 
>> However, when I go to the website in question, I'm not 
>prompted for a 
>> username or password.
>> 
>> I've tried removing the quotes around the directory name, I've tried 
>> removing the trailing slash, I've tried putting quotes around the 
>> AuthUserFile name, I've tried recreating the passwords file several 
>> times.  I've quadruple-checked to make sure all of the 
>directories and 
>> files that are referenced exist.  I have tried placing the 
><Directory> 
>> section in the main part of the httpd.conf file, and I've 
>tried placing 
>> it in the virtual hosts section as well.  I'm stumped.
>> 
>> I have the feeling that I may be missing something.  I've 
>searched and 
>> re-searched on the Apache website and in several other websites that 
>> I've bookmarked that have to do with Apache security.  I've looked 
>> through the rest of the httpd.conf file to make sure there 
>are no other 
>> settings that could override the authentication here, and 
>while I am no 
>> Apache guru I don't think I've missed anything... but I 
>could be wrong.
>> 
>> Does anyone have any suggestions as to where else in 
>httpd.conf I might 
>> want to look, or any additional directives I should put into my 
>> <Directory> setting?  I'm not sure if the placement of the Directory 
>> section in the httpd.conf file should matter at all (my 
>understanding is 
>> that it doesn't), but if it does, where should I put it?
>> 
>> 
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP 
>Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>> 
>> 
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message