httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Weed <brian_w...@yahoo.com>
Subject [users@httpd] Multiple Authentication
Date Fri, 03 Aug 2007 21:23:44 GMT
I'm using Apache v2.2.4 (on Windows Server 2003) and
I'm trying to use both SSPI and Basic Authentication
together so that both Domain and non-domain users can
log in to my Trac Wiki site.
 
Withi this config:
 
<LocationMatch "/cgi-bin/trac.cgi/[^/]+/login">
 
  # Domain Login
 
  AuthName "my domain"
 
  AuthType SSPI
  SSPIAuth On
  SSPIAuthoritative Off
  SSPIDomain MYDOMAIN
  SSPIOfferBasic On
  SSPIOfferSSPI Off
  SSPIOmitDomain On
  SSPIPerRequestAuth On
 
 # Non-domain login
  AuthType Basic
  AuthBasicAuthoritative Off
  AuthUserFile D:/wikis/trac.htpasswd
 
  Require valid-user
 
</LocationMatch>
 
It only allows Domain users to log in.  Its not
falling back to Basic via AuthUserFile.
If I turn off SSPI, then it allows Basic Auth (but
obviously not Domain login).
 
Searching the web, I've found a few people with
similar problems, but no real solution:
 
http://svn.haxx.se/users/archive-2006-09/1384.shtml
and
http://www.svnforum.org/2017/viewtopic.php?p=11517
 
The error I get in the error.log is: "...Logon
failure: unknown user name or bad password.  : user
MYDOMAIN\\nondomainuser: authentication failure for
"/cgi-bin/trac.cgi/foo/login"
 
So, it seems as though it's always prepending the
domain, even when falling back to Basic, or its not
falling back at all.
 
Is there some other module I have to install to
support falling back?
Any ideas as to what else I may be doing wrong?
 
Thanks.
 
Brian


       
____________________________________________________________________________________
Need a vacation? Get great deals
to amazing places on Yahoo! Travel.
http://travel.yahoo.com/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message