httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kohne, Mike" <mike.ko...@gilbarco.com>
Subject [users@httpd] Problems with AuthType Basic in site file
Date Fri, 30 Jan 2009 22:52:04 GMT
I'm running apache 2.2.3 on an Ubuntu 8.04 server. The server is a
VMWare machine that I use for all my debugging.

I have AuthType Basic directives inside <Directory > blocks in my site
config file. 
Right now, I'm finding that no one is ever being asked for
username/password. Ever.
At first I thought it was just my browser being agressive in caching
credentials, but I've restarted browsers, installed new browsers,
changed passwords and even removed the passwd and groups files - I still
have no problems accessing the content. 

I even ran a wireshark trace of a transaction and I only saw the
original GET and the response.

I tried removing the symlink from sites-enabled and I was no longer able
to access the content. Therefore, I conclude that apache IS reading the
site file.

Obviously something is screwed up on my system, but I'm pretty sure this
config file hasn't changed in months (I looked in CVS), and I'm pretty
clear that it was working when last it was modified. 



Can anyone give me a clue as to what I'm doing wrong here? How the heck
do I debug this? I set LogLevel to debug in both this file and the
apache2.conf file, with nothing of interest showing up. 




My site config file is in sites-available with a symlink from
sites-enabled. 
/etc/apache2$ ls -al sites-available/
-rwxr-xr-x 1 root root 2788 2009-01-30 16:59 cfn

/etc/apache2$ ls -al sites-enabled/
lrwxrwxrwx 1 root root   32 2009-01-30 17:28 cfn ->
/etc/apache2/sites-available/cfn


Here's the site config file:

NameVirtualHost *
<VirtualHost *>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/html

        # Michael Kohne 2/26/08
        # For some reason, Options +Includes doesn't work if used
        # inside a DirectoryMatch block, or a Directory block which
        # uses regex to match the directory name.
        # Thus, I've eliminated all DirectoryMatch blocks.
        <Directory cfn/level_2>
                AuthType Basic
                AuthName "Gasboy CFN 4"
                AuthUserFile /etc/opt/cfn/passwd
                AuthGroupFile /etc/opt/cfn/groups
                Require group level_2

                Options +Includes Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>
        # NOTE: should be the same as cfn/level_2
        <Directory cfn/html>
                AuthType Basic
                AuthName "Gasboy CFN 4"
                AuthUserFile /etc/opt/cfn/passwd
                AuthGroupFile /etc/opt/cfn/groups
                Require group level_2

                Options +Includes Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>

        <Directory cfn/level_6>
                AuthType Basic
                AuthName "Gasboy CFN 4"
                AuthUserFile /etc/opt/cfn/passwd
                AuthGroupFile /etc/opt/cfn/groups
                Require group level_6

                Options +Includes Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>

        # should be same as cfn/level_6
        <Directory cfn/html/level_6>
                AuthType Basic
                AuthName "Gasboy CFN 4"
                AuthUserFile /etc/opt/cfn/passwd
                AuthGroupFile /etc/opt/cfn/groups
                Require group level_6

                Options +Includes Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>

        ScriptLog logs/cgi_log
        ScriptAlias /cgi-bin/ /var/www/cgi-bin/
        <Directory "/var/www/cgi-bin/">
                AllowOverride None
                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
FollowSymLinks
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog /var/log/apache2/error.log

        # Possible values include: debug, info, notice, warn, error,
crit,
        # alert, emerg.
        LogLevel debug

        CustomLog /var/log/apache2/access.log combined
        ServerSignature On

</VirtualHost>







apache2 -V output:
Server version: Apache/2.2.3
Server built:   Feb  4 2008 20:19:27
Server's Module Magic Number: 20051115:3
Server loaded:  APR 1.2.7, APR-Util 1.2.7
Compiled using: APR 1.2.7, APR-Util 1.2.7
Architecture:   32-bit
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT=""
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
 -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"


Thanks!

Michael Kohne
Gilbarco Veeder-Root
Mike.Kohne@gilbarco.com


Please be advised that this email may contain confidential information.
 If you are not the intended recipient, please do not read, copy or
re-transmit this email.  If you have received this email in error,
please notify us by email by replying to the sender and by telephone
(call us collect at +1 202-828-0850) and delete this message and any
attachments.  Thank you in advance for your cooperation and assistance.

In addition, Danaher and its subsidiaries disclaim that the content of
this email constitutes an offer to enter into, or the acceptance of, 
any
contract or agreement or any amendment thereto; provided that the
foregoing disclaimer does not invalidate the binding effect of any
digital or other electronic reproduction of a manual signature that is
included in any attachment to this email.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message