httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] htpasswd w/ Apache 2.0.44/45
Date Wed, 02 Apr 2003 09:03:22 GMT
>-----Original Message-----
>From: Iiro Niinikoski [mailto:security@myry.net]
>
>I just noticed a _very_ weird thing (I think):
>
>when I put the same .htaccess file to my DocumentRoot's root (the first
>one defined in httpd.conf's main section), the htpasswd authentication
>works.

You must be switching off mod_auth with an AllowOverride directive which
is applying to the lower directory. Check all such directives and be
sure you are clear how he precedence rules work.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
>
>My OS is Debian woody, I'm using a total of 4 virtual hosts 
>(name based,
>the last one is behind SSL).
>
>
>
>Iiro Niinikoski
>
>
>
>> > -----Original Message-----
>> > From: Iiro Niinikoski [mailto:security@myry.net]
>> > Sent: Tuesday, April 01, 2003 10:21 PM
>> > To: users@httpd.apache.org
>> > Subject: [users@httpd] htpasswd w/ Apache 2.0.44/45
>> >
>> >
>> >
>> > Hi,
>> >
>> >
>> > here comes again another problem with htaccess... I've 
>fought against this
>> > about 20 hours now by searching similar problems with 
>solutions, but no
>> > use.
>> >
>> > The problem is that htpasswd- authentication doensn't work 
>at all. I even
>> > don't get a prompting box for uname and pass...
>> >
>> > In my httpd.conf there is AllowOverride AuthConfig for 
>every <Directory>
>> > defined.
>> >
>> > Apache2 isn't ignoring the .htaccess file, because if I 
>garbage it, A2
>> > shouts for 500.
>> >
>> > My .htaccess looks like this:
>> >
>> > AuthName "insider"
>> > AuthType "Basic"
>> > AuthUserFile "/azkaban/www/sec/insider"
>> > Require valid-user
>> >
>> > and it's permissions are:
>> >
>> > -rw-r-----    1 www-data www-data       95 Apr  2 05:08 .htaccess
>> >
>> >
>> > The sec- folder is available for A2, and the permissions for the
>> > htpasswd:d file are:
>> >
>> > -rw-r-----    1 www-data www-data       61 Apr  2 01:59 insider
>> >
>> >
>> > I've tried to watch the log files too, but there comes 
>absolutely nothing
>> > (not even when I've turned on the debug- logging).
>> >
>> >
>> > I'm astonished about this.
>> >
>> >
>> >
>> > 	Iiro Niinikoski
>> >
>> > 	Vantaa, Finland
>> >
>> >
>> > 
>---------------------------------------------------------------------
>> > The official User-To-User support forum of the Apache HTTP 
>Server Project.
>> > See <URL:http://httpd.apache.org/userslist.html> for more info.
>> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> > For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP 
>Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message