httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pam Astor <pamas...@hotmail.com>
Subject RE: [users@httpd] .htaccess for script aliased directories‏
Date Fri, 25 Apr 2008 18:10:17 GMT








>>>> I am trying to password protect a sub directory within the web space of a>>>>
domain that is serving site statistics of awstats generated pages. The path>>> >
to the dir is /home/user1/www/awstats. When testing, I am able to get a>>> > username
and password prompt for the front page of the site, i.e. for>>> > www.mydomain.com,
when I place the .htaccess file in www. But I can't get a>>> > functional prompt
for www.mydomain.com/awstats when I place the .htaccess in>>> > the awstats dir.
The login box comes up but it won't accept my username>>> > password combo, even
though it will accept it when I have the same .htaccess>>> > file in the www dir.>>>
>>> See:>>> http://httpd.apache.org/docs/2.2/howto/htaccess.html>>>
>>> Your problem is that you don't have AllowOverride set correctly for>>>
the relevant directory. But beyond that, you probably don't want to be>>> using .htaccess
at all. Just put the directives in the relevant>>> <Directory> section in httpd.conf.>>>
>>> Jo
 shua.>>>>Thanks Joshua,>> >>I read the above DOC you posted thanks.
 Just to clarify, do you>>reccomend that I use the <Directory> method in the main
httpd.conf file>>as described in the above, instead ot .htaccess?> >Oops, just
re read your post :) appears that's what you meant.
 
OK I took the advice and have been trying to set up http username and password logins without
using .htaccess files inside the web accessible directory I am trying to password protect.
 I checked my AllowOverride settings in httpd.conf and they appear to be set correctly and
I’m still not getting a login prompt which accepts the correct username and password I type
in for the script aliased directory.  I posted all of my AllowOverride settings in the main
httpd.conf file at the end of this post.  
 
I am trying to use the <Location> tag instead of the <Directory> tag within individual
virtual domain httpd.conf files – files which were enabled by the main httpd.conf file’s
“Include conf.d/*.conf” directive.  In other words, I have virtual domain files -  www.domain1.con.conf
, www.domain2.com.conf , and so on in the /etc/httpd/conf.d directory which all contain (so
far only) my virtual host tags for those domains.
 
Is using the <Location> tag advisable (or possible), instead of using the <directory>
tag in my virtual host .conf files to enable username password logins?  
 
I read this as a good method in my Apache 2.0 Wrox book, it’s a bit out dated though, and
I’m using Apache 2.2 on a Centos 5.1 box.
 
The tag I just added to one of my test virtual domain files is this:
 
<Location /home/mydirectory/www/awstats>
AuthName "MembersOnly"
AuthType Basic
AuthUserFile /home/mydirectory/.htpasswd
Require user testuser
</Location>
 
The above  virtual domain file includes the tag:
 
<VirtualHost 12.345.678.910:80>
   ServerAdmin help@blabla.com
    DocumentRoot /home/mydirectory/www
    ServerName www.blabla.com
    ServerAlias blabla.com
    ErrorLog logs/blabla.com-error_log
   CustomLog logs/blabla.com-access_log combined
ScriptAlias /awstats/ "/usr/local/awstats/wwwroot/cgi-bin/"
</VirtualHost>
 
After reloading apache and going to http.www.blabla.com, I did get a popup login box, but
when I type in my username and password it won’t take it, even though I’m sure it’s
the correct combo created by htpasswd –c .htpasswd testuser.
 
Any hints or suggestions as to what I am doing wrong?
 
Below are the AllowOverride settings in httpd.conf:
 
<Directory />
    Options FollowSymLinks
    AllowOverride AuthConfig
</Directory>
 
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>
 
 
<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
 
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
 
    <Directory "/var/www/error">
        AllowOverride None
        Options IncludesNoExec
        AddOutputFilter Includes html
        AddHandler type-map var
        Order allow,deny
        Allow from all
        LanguagePriority en es de fr
        ForceLanguagePriority Prefer Fallback
    </Directory>
 
<IfModule mod_include.c>
    <Directory "/var/www/error">
        AllowOverride None
        Options IncludesNoExec
        AddOutputFilter Includes html
        AddHandler type-map var
        Order allow,deny
        Allow from all
        LanguagePriority en es de fr
        ForceLanguagePriority Prefer Fallback
    </Directory>
 

 

In a rush? Get real-time answers with Windows Live Messenger. 
_________________________________________________________________
Express yourself wherever you are. Mobilize!
http://www.gowindowslive.com/Mobile/Landing/Messenger/Default.aspx?Locale=en-US?ocid=TAG_APRIL
Mime
View raw message