httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <>
Subject RE: [users@httpd] Authentication
Date Mon, 12 May 2003 08:30:55 GMT
>-----Original Message-----
>From: jose sanchez []
>I am experiencing some problems with apache
>authentication. I have created a .htaccess file in the
>directory I want to be available to valid-users. I
>created the password file and added users but, I am
>unable to authenticate. Anybody can just access the
>"private" page. Heres my .htaccess file:
>Do I need to do something else?

You have to "Allow" the .htaccess file to "Override" the main config
file. This is done with the "AllowOverride" directive. Check the docs
for details, but basically you need;

	AllowOverride AuthConfig

applying to the directory which contains the .htaccess file.

NB The default for this directive is "AllowOverride All" so I suspect
you have switched this off with another AllowOverride directive in a
higher-level dir. Be aware of the inheritance rules for these type of
directory-specific directives.

Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  

>AuthType Basic
>AuthName "Statistics"
>AuthUserFile /usr/apache/users/private
>AuthGroupFile /bin/false
>require valid-user
>The AccessFileName in http.conf file IS .htaccess. 
>whmicro-www:/home/www/logs# /usr/apache/bin/httpd -l
>Compiled-in modules:
>  http_core.c
>  mod_env.c
>  mod_log_config.c
>  mod_mime.c
>  mod_negotiation.c
>  mod_status.c
>  mod_include.c
>  mod_autoindex.c
>  mod_dir.c
>  mod_cgi.c
>  mod_asis.c
>  mod_imap.c
>  mod_actions.c
>  mod_userdir.c
>  mod_alias.c
>  mod_access.c
>  mod_auth.c
>  mod_auth_digest.c
>  mod_so.c
>  mod_setenvif.c
>suexec: disabled; invalid wrapper
>Do I need to do something else?
>Thanks in advance for your time.
>Do you Yahoo!?
>The New Yahoo! Search - Faster. Easier. Bingo.
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:> for more info.
>To unsubscribe, e-mail:
>   "   from the digest:
>For additional commands, e-mail:

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message