Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Message-ID: <1EA9F763030CD511A8A900B0D03D1AA247EE85@xdelta.lancasterlabs.com>
From: jkstoltzfus@lancasterlabs.com
To: users@httpd.apache.org
Date: Mon, 28 Apr 2003 10:03:31 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Subject: RE: [users@httpd] Basic Authentication with Apache 2.44 on Solari
	s 8 doesn't   appear to work

There is an AllowOverride parameter in the httpd.conf file that needs to be
set.  By default, it is set to None.  

-----Original Message-----
From: Richard Crawford [mailto:rcrawford@unexmail.ucdavis.edu]
Sent: Friday, April 25, 2003 7:30 PM
To: users@httpd.apache.org
Subject: [users@httpd] Basic Authentication with Apache 2.44 on Solaris
8 doesn't appear to work


My Directory section looks like this:

<Directory "/space/usr/jrun4/servers/default/cfusion/DLC/admin/">
AuthType Basic
AuthName "Restricted"
AuthUserFile /space/usr/jrun4/servers/default/passwd/passwords
Require user cfusion
</Directory>

However, when I go to the website in question, I'm not prompted for a 
username or password.

I've tried removing the quotes around the directory name, I've tried 
removing the trailing slash, I've tried putting quotes around the 
AuthUserFile name, I've tried recreating the passwords file several 
times.  I've quadruple-checked to make sure all of the directories and 
files that are referenced exist.  I have tried placing the <Directory> 
section in the main part of the httpd.conf file, and I've tried placing it 
in the virtual hosts section as well.  I'm stumped.

I have the feeling that I may be missing something.  I've searched and 
re-searched on the Apache website and in several other websites that I've 
bookmarked that have to do with Apache security.  I've looked through the 
rest of the httpd.conf file to make sure there are no other settings that 
could override the authentication here, and while I am no Apache guru I 
don't think I've missed anything... but I could be wrong.

Does anyone have any suggestions as to where else in httpd.conf I might 
want to look, or any additional directives I should put into my <Directory> 
setting?  I'm not sure if the placement of the Directory section in the 
httpd.conf file should matter at all (my understanding is that it doesn't), 
but if it does, where should I put it?


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

CONFIDENTIAL MATERIAL: This message is intended only for the use of the
individual or entity to which it is addressed and may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law. If received in error, please notify sender by return e-mail
and destroy all copies of the original transmission and any attachments.
Thank you. If you wish to view information about Lancaster Laboratories,
Inc., please visit our website at www.lancasterlabs.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org