httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Grant" <davidgr...@busydata.com>
Subject RE: [users@httpd] Authenticating a single directory
Date Wed, 25 Feb 2004 11:14:38 GMT
1) All virtual hosts are subdirectories under the original www root
directory. 

2) I get a 403 forbidden error message.

3) I added an additional subdirectory, named it 'test', and browsed a simple
html page with no problem. My hunch is it's the webalizer content.

Meanwhile, I'm lookin into the docs. Haven't made much progress yet.

David Grant

-----Original Message-----
From: Boyle Owen [mailto:Owen.Boyle@swx.com] 
Sent: Wednesday, February 25, 2004 7:00 PM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Authenticating a single directory

> -----Original Message-----
> From: David Grant [mailto:davidgrant@busydata.com]
> 
> I want users to authenticate to a directory containing 
> webalizer stats, but
> by default it is forbidden. This particular directory is a 
> subdirectory of a
> virtual host.
> 
> I read through the authentication docs on apache.org under 
> apache version
> 2.0. I've placed a .htaccess file in the directory I'd like users to
> authenticate to.

You don't state that you have allowed apache to serve files from this
directory. If it is not under the docroot, you need to allow access
explicitly. You need:

<Directory /path/to/webalizer_dir>
  Allow from all
</Directory>

which will allow anyone, anywhere access to this dir. Read docs for
Allow, Deny, Satisfy etc. if you need more specific control.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS The correct setting is "AllowOverride AuthConfig", at least.

PPS Distinguish between "401 Unauthorized" (which is when your login
fails) and "403 Forbidden" (which is when apache is not allowed to serve
the page).

> 
> I used htpasswd to create the password file and a user.
> 
> My .htaccess file:
> 
> AuthType Basic
> AuthName "Restricted Files"
> AuthUserFile /usr/local/apache/passwd/passwords
> Require user bikinimall
> 
> I changed 'AllowOverride None' in httpd.conf to 
> 'AllowOverride AuthConfig'.
> Nothing changed. I continue to get error 403, access forbidden.
> 
> I reread the docs and change the 'AllowOverride' parameter 
> back to NONE in
> httpd.conf. I then added 'AllowOverride AuthConfig' to my 
> .htaccess file.
> Still nothing changed.
> 
> I really don't want to add another <Directory> section to my 
> httpd.conf file
> for every virtual host I have. Is there something I am 
> missing? I have a
> hunch it's something entirely different, seeing as the 
> subdirectory was
> forbidden to begin with, but I don't know where to start.
> 
> Any ideas out there?
> 
> David
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message