httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter_Duque...@blm.gov
Subject [users@httpd] httpd 2.2 basic authentication problems
Date Wed, 05 Apr 2006 20:24:13 GMT




Aloha folks,

Kind of an apache-noob here, but other experienced eyes are at a loss on
this as well as I.

Here's my situation: I've got to configure a suite of three jsp-based web
apps, all running on the same instance of apache, and the same instance of
tomcat.  One of the apps ("SP") is authenticated at the application level.
One ("FormsCentral") is not authenticated.  The third
("FormsCentral-Admin") has no app-level authentication, but needs to have
limited access, so I've configured httpd for basic authentication.

One small complication is that SP needs to communicate with
FormsCentral-Admin via SOAP web-service, without the user having to
authenticate (since they already have, to get into SP).

Here's what worked with httpd 2.0.55...

<Directory "/local_apps/apache/tomcat/webapps/FormsCentral-Admin">
    AuthType Basic
    AuthName "Forms Central Administration Login:"
    AuthUserFile /local_apps/apache/fcausers/users
    Require valid-user
    Allow from localhost
</Directory>

"Allow from localhost" lets SOAP in witout authentication. If I comment out
"Allow from localhost", the web service still works, but it does pop up the
password dialog -- so SOAP seems to be ok with basic auth.

HOWEVER, In httpd 2.2, none of this works properly.  I cannot get basic
auth to work at all in a Directory section.  In fact, nothing I put into a
Directory section (with the same directory as above) works (e.g. the if I
put nothing but the directives "Order Allow,Deny" and "Deny from All" in
there...I can still access that app).

Basic auth does work in 2.2, if I do the following...

<Location /FormsCentral-Admin >
    AuthType Basic
    AuthName "Forms Central Administration Login:"
    AuthUserFile /local_apps/apache/fcausers/users
    Require valid user
    Allow from localhost
</Location>

HOWEVER, the SOAP web app no longer works. In catalina.out (tomcat logs), I
get "SOAPExceptionImpl: Bad response: (401Authorization Required".  The
Allow directive seems to have no effect.  Same behavior if I comment that
line out.  Same behavior if I include "Satisfy Any", or if I change the
Allow directive to the server name, or IP address.

If I comment out this whole Location section, the SOAP web service does in
fact work properly.  But if I put basic auth on that directory/location, I
cannot get SOAP to do it's thing, no matter what I try (and I've tried a
ton of different things).

Anybody have any idea what's going on here?

thanks.





---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message