httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sheldon Ross <sr...@simmgene.com>
Subject Re: [users@httpd] Problems with AuthType Basic in site file
Date Fri, 30 Jan 2009 23:28:14 GMT
I realize that wasn't a very complete response

A) replace "/status" with your location/directory.
B) the Tag can be <Location> for any mapping to that url,
or <Directory> if it is a static directory on your server.

C) this is assuming you have a centralized user/pass file
at /etc/apache2/htusers

D) if not, you need to create .htaccess, and .htpasswd files in the
directories you want to authenticate.

On Fri, 2009-01-30 at 16:20 -0700, Sheldon Ross wrote:
> First your site file need to contains 
> 
> 	<Location "/status">
> 		AuthName "Private Site"
> 		AuthType basic
> 		AuthUserFile /etc/apache2/htusers
> 		require valid-user
> 	</Location>
> 
> And I've found that a force-reload doesn't always recognize this, you(I
> anyway) have to actually restart apache to get it to recognize this.
> 
> 
> On Fri, 2009-01-30 at 14:52 -0800, Kohne, Mike wrote:
> > I'm running apache 2.2.3 on an Ubuntu 8.04 server. The server is a
> > VMWare machine that I use for all my debugging.
> > 
> > I have AuthType Basic directives inside <Directory > blocks in my site
> > config file. 
> > Right now, I'm finding that no one is ever being asked for
> > username/password. Ever.
> > At first I thought it was just my browser being agressive in caching
> > credentials, but I've restarted browsers, installed new browsers,
> > changed passwords and even removed the passwd and groups files - I still
> > have no problems accessing the content. 
> > 
> > I even ran a wireshark trace of a transaction and I only saw the
> > original GET and the response.
> > 
> > I tried removing the symlink from sites-enabled and I was no longer able
> > to access the content. Therefore, I conclude that apache IS reading the
> > site file.
> > 
> > Obviously something is screwed up on my system, but I'm pretty sure this
> > config file hasn't changed in months (I looked in CVS), and I'm pretty
> > clear that it was working when last it was modified. 
> > 
> > 
> > 
> > Can anyone give me a clue as to what I'm doing wrong here? How the heck
> > do I debug this? I set LogLevel to debug in both this file and the
> > apache2.conf file, with nothing of interest showing up. 
> > 
> > 
> > 
> > 
> > My site config file is in sites-available with a symlink from
> > sites-enabled. 
> > /etc/apache2$ ls -al sites-available/
> > -rwxr-xr-x 1 root root 2788 2009-01-30 16:59 cfn
> > 
> > /etc/apache2$ ls -al sites-enabled/
> > lrwxrwxrwx 1 root root   32 2009-01-30 17:28 cfn ->
> > /etc/apache2/sites-available/cfn
> > 
> > 
> > Here's the site config file:
> > 
> > NameVirtualHost *
> > <VirtualHost *>
> >         ServerAdmin webmaster@localhost
> > 
> >         DocumentRoot /var/www/html
> > 
> >         # Michael Kohne 2/26/08
> >         # For some reason, Options +Includes doesn't work if used
> >         # inside a DirectoryMatch block, or a Directory block which
> >         # uses regex to match the directory name.
> >         # Thus, I've eliminated all DirectoryMatch blocks.
> >         <Directory cfn/level_2>
> >                 AuthType Basic
> >                 AuthName "Gasboy CFN 4"
> >                 AuthUserFile /etc/opt/cfn/passwd
> >                 AuthGroupFile /etc/opt/cfn/groups
> >                 Require group level_2
> > 
> >                 Options +Includes Indexes MultiViews FollowSymLinks
> >                 AllowOverride None
> >                 Order allow,deny
> >                 Allow from all
> >         </Directory>
> >         # NOTE: should be the same as cfn/level_2
> >         <Directory cfn/html>
> >                 AuthType Basic
> >                 AuthName "Gasboy CFN 4"
> >                 AuthUserFile /etc/opt/cfn/passwd
> >                 AuthGroupFile /etc/opt/cfn/groups
> >                 Require group level_2
> > 
> >                 Options +Includes Indexes MultiViews FollowSymLinks
> >                 AllowOverride None
> >                 Order allow,deny
> >                 Allow from all
> >         </Directory>
> > 
> >         <Directory cfn/level_6>
> >                 AuthType Basic
> >                 AuthName "Gasboy CFN 4"
> >                 AuthUserFile /etc/opt/cfn/passwd
> >                 AuthGroupFile /etc/opt/cfn/groups
> >                 Require group level_6
> > 
> >                 Options +Includes Indexes MultiViews FollowSymLinks
> >                 AllowOverride None
> >                 Order allow,deny
> >                 Allow from all
> >         </Directory>
> > 
> >         # should be same as cfn/level_6
> >         <Directory cfn/html/level_6>
> >                 AuthType Basic
> >                 AuthName "Gasboy CFN 4"
> >                 AuthUserFile /etc/opt/cfn/passwd
> >                 AuthGroupFile /etc/opt/cfn/groups
> >                 Require group level_6
> > 
> >                 Options +Includes Indexes MultiViews FollowSymLinks
> >                 AllowOverride None
> >                 Order allow,deny
> >                 Allow from all
> >         </Directory>
> > 
> >         ScriptLog logs/cgi_log
> >         ScriptAlias /cgi-bin/ /var/www/cgi-bin/
> >         <Directory "/var/www/cgi-bin/">
> >                 AllowOverride None
> >                 Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
> > FollowSymLinks
> >                 Order allow,deny
> >                 Allow from all
> >         </Directory>
> > 
> >         ErrorLog /var/log/apache2/error.log
> > 
> >         # Possible values include: debug, info, notice, warn, error,
> > crit,
> >         # alert, emerg.
> >         LogLevel debug
> > 
> >         CustomLog /var/log/apache2/access.log combined
> >         ServerSignature On
> > 
> > </VirtualHost>
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > apache2 -V output:
> > Server version: Apache/2.2.3
> > Server built:   Feb  4 2008 20:19:27
> > Server's Module Magic Number: 20051115:3
> > Server loaded:  APR 1.2.7, APR-Util 1.2.7
> > Compiled using: APR 1.2.7, APR-Util 1.2.7
> > Architecture:   32-bit
> > Server MPM:     Prefork
> >   threaded:     no
> >     forked:     yes (variable process count)
> > Server compiled with....
> >  -D APACHE_MPM_DIR="server/mpm/prefork"
> >  -D APR_HAS_SENDFILE
> >  -D APR_HAS_MMAP
> >  -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
> >  -D APR_USE_SYSVSEM_SERIALIZE
> >  -D APR_USE_PTHREAD_SERIALIZE
> >  -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
> >  -D APR_HAS_OTHER_CHILD
> >  -D AP_HAVE_RELIABLE_PIPED_LOGS
> >  -D DYNAMIC_MODULE_LIMIT=128
> >  -D HTTPD_ROOT=""
> >  -D SUEXEC_BIN="/usr/lib/apache2/suexec"
> >  -D DEFAULT_PIDLOG="/var/run/apache2.pid"
> >  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
> >  -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
> >  -D DEFAULT_ERRORLOG="logs/error_log"
> >  -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
> >  -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"
> > 
> > 
> > Thanks!
> > 
> > Michael Kohne
> > Gilbarco Veeder-Root
> > Mike.Kohne@gilbarco.com
> > 
> > 
> > Please be advised that this email may contain confidential information.
> >  If you are not the intended recipient, please do not read, copy or
> > re-transmit this email.  If you have received this email in error,
> > please notify us by email by replying to the sender and by telephone
> > (call us collect at +1 202-828-0850) and delete this message and any
> > attachments.  Thank you in advance for your cooperation and assistance.
> > 
> > In addition, Danaher and its subsidiaries disclaim that the content of
> > this email constitutes an offer to enter into, or the acceptance of, 
> > any
> > contract or agreement or any amendment thereto; provided that the
> > foregoing disclaimer does not invalidate the binding effect of any
> > digital or other electronic reproduction of a manual signature that is
> > included in any attachment to this email.
> > 
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> > 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message