httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Iiro Niinikoski <secur...@myry.net>
Subject RE: [users@httpd] htpasswd w/ Apache 2.0.44/45
Date Wed, 02 Apr 2003 08:15:16 GMT


On Wed, 2 Apr 2003, Jeff Cohen wrote:

> Does the folder where the passwords files is accessible by the apache user?
> (nobody/nobody I think)

Yes... I'm running Apache2 by user www-data, group www-data.

I just noticed a _very_ weird thing (I think):

when I put the same .htaccess file to my DocumentRoot's root (the first
one defined in httpd.conf's main section), the htpasswd authentication
works.

My OS is Debian woody, I'm using a total of 4 virtual hosts (name based,
the last one is behind SSL).



Iiro Niinikoski



> > -----Original Message-----
> > From: Iiro Niinikoski [mailto:security@myry.net]
> > Sent: Tuesday, April 01, 2003 10:21 PM
> > To: users@httpd.apache.org
> > Subject: [users@httpd] htpasswd w/ Apache 2.0.44/45
> >
> >
> >
> > Hi,
> >
> >
> > here comes again another problem with htaccess... I've fought against this
> > about 20 hours now by searching similar problems with solutions, but no
> > use.
> >
> > The problem is that htpasswd- authentication doensn't work at all. I even
> > don't get a prompting box for uname and pass...
> >
> > In my httpd.conf there is AllowOverride AuthConfig for every <Directory>
> > defined.
> >
> > Apache2 isn't ignoring the .htaccess file, because if I garbage it, A2
> > shouts for 500.
> >
> > My .htaccess looks like this:
> >
> > AuthName "insider"
> > AuthType "Basic"
> > AuthUserFile "/azkaban/www/sec/insider"
> > Require valid-user
> >
> > and it's permissions are:
> >
> > -rw-r-----    1 www-data www-data       95 Apr  2 05:08 .htaccess
> >
> >
> > The sec- folder is available for A2, and the permissions for the
> > htpasswd:d file are:
> >
> > -rw-r-----    1 www-data www-data       61 Apr  2 01:59 insider
> >
> >
> > I've tried to watch the log files too, but there comes absolutely nothing
> > (not even when I've turned on the debug- logging).
> >
> >
> > I'm astonished about this.
> >
> >
> >
> > 	Iiro Niinikoski
> >
> > 	Vantaa, Finland
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message