httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel E" <emmanue...@gmx.net>
Subject [users@httpd] Access control problems, .htaccess and Directory and Allow directives
Date Sat, 07 Jan 2006 17:02:41 GMT
Hi,

I have not been able to understand how the different Access Control
directives are merged. 

The access control methods specified in the .htaccess files are not being
followed.

I am on Apache (SSL enabled) version 2.0.54 on WinXP.

The problem I am having is as follows:

My Configuration file has the following:

==========================

DocumentRoot "C:/Apache2/htdocs"
...
# First, we configure the "default" to be a very restrictive set of 
# features.  
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
...
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "C:/Apache2/htdocs">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
    Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
#
    
    
    AllowOverride All

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all
    

</Directory>

========================================


The .htaccess file in C:\ contains the following:

=====================
AuthUserFile c:/apache2/bin/password.txt
AuthName "blah"
AuthType Basic
Require user blah
Satisfy All
======================


AllowOverride All is enabled for the Directory htdocs. Therefore it should
look up the .htaccess file.  The .htaccess files documentation says that
Apache traverses every folder upto the root directory looking for .htaccess
files. Therefore it should reach the file in C:\. However it is not
implementing any of the access control methods enabled for the directory
htdocs. It only applies the Allow and Deny directives specified in the
config file in the <Directory> section for htdocs.

What am I doing wrong? Any help would be appreciated.

Thanks,
Emmanuel

-- 
DSL-Aktion wegen großer Nachfrage bis 28.2.2006 verlängert:
GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message