Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 62338 invoked from network); 3 Jan 2006 14:34:33 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 3 Jan 2006 14:34:33 -0000 Received: (qmail 29856 invoked by uid 500); 3 Jan 2006 14:34:21 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 29845 invoked by uid 500); 3 Jan 2006 14:34:21 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 29834 invoked by uid 99); 3 Jan 2006 14:34:21 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Jan 2006 06:34:20 -0800 X-ASF-Spam-Status: No, hits=1.9 required=10.0 tests=DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from [206.190.36.80] (HELO smtp102.rog.mail.re2.yahoo.com) (206.190.36.80) by apache.org (qpsmtpd/0.29) with SMTP; Tue, 03 Jan 2006 06:34:20 -0800 Received: (qmail 55471 invoked from network); 3 Jan 2006 14:33:58 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=rogers.com; h=Received:Return-Receipt-To:From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:Thread-Index:X-MimeOLE:In-Reply-To:Disposition-Notification-To:X-smtpproxy-01; b=P3apTn4R2Vml5Fa3QqW0+3HqIXrzyQWu4+1vhk5CXFO+1Obwh1HXXSx1Mv98DN457gQirahaiUKkrjKeg6kEE9PdDMnppqQtDzaMBN2CIh6JXHSFfhBI6dNgiUxppJDEc75zXNb74HRK8dX85Lkq0n5v05GSVrmqgtFDiwSGm6U= ; Received: from unknown (HELO drbpdc) (drbeach@rogers.com@70.30.198.170 with login) by smtp102.rog.mail.re2.yahoo.com with SMTP; 3 Jan 2006 14:33:58 -0000 From: "Dave Beach" To: Date: Tue, 3 Jan 2006 09:33:57 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcYQNs9ew8oIsuqzT4iq1FEQSi6MEgAOphaw X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 In-Reply-To: <200601030724.28060.nick@webthing.com> X-smtpproxy-01: drbpdc X-Virus-Checked: Checked by ClamAV on apache.org Subject: RE: [users@httpd] Authentication realms X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Thanks for the reply. I've been through the FAQ again, and don't see where URL space is relevant (although I'm sure that's a deficiency in my understanding). Consider www.foo.com (hypothetically - I've just realized that's actually a real site), and that /usr/local/apache2/htdocs is set as AuthName "bar" in httpd.conf. Everything behaves perfectly as expected, except a link to /usr/local/apache2/htdocs/foobar/foobar.wmv causes a re-prompt for authentication credentials. In the client popup, the user is advised that a password is required for www.foo.com. The link that causes this is from /usr/local/apache2/htdocs/index.htm, and merely points to "foobar/foobar.wmv". For every other link and file on the server, authentication seems to be working exactly the way I would have expected. For example, a link that points to "foobar/picture.jpg" does not cause an authentication re-prompt. I realize I'm repeating myself here, but I'm trying to illustrate that I'm not sure how this is a URL space issue. I've re-looked at the FAQ again, and made two changes - I set UseCanonicalName to off in httpd.conf, and I added an .htaccess file in /usr/local/apache2/htdocs/foobar that simply repeats "AuthName "bar"". Still no joy. I appreciate your patience; perhaps a slightly more detailed pointer would nudge me in the right direction. -----Original Message----- From: Nick Kew [mailto:nick@webthing.com] Sent: January 3, 2006 2:24 AM To: users@httpd.apache.org Subject: Re: [users@httpd] Authentication realms On Monday 02 January 2006 22:57, Dave Beach wrote: > Hi list! > > I'm having a small problem. I have basic authentication set up (httpd > v2.2.0), and it works as I would expect - except that when a user > requests a Windows Media file (wmv) from a subordinate page, the > client browser prompts again for the user's credentials. That's the browser doing the prompting. Which means the *browser* sees the wmv file as not being within the already-authenticated area. You need to sort out your URL space. The internal organisation of Apache (thngs like directories) is not relevant (except indirectly, when it affects URL space). There's a FAQ entry that might be relevant to you. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org