httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Knute Johnson <apa...@knutejohnson.com>
Subject Re: [users@httpd] Files and DirectoryIndex conflict?
Date Sat, 28 May 2011 21:34:54 GMT
On 05/28/2011 02:07 PM, Jeroen Geilman wrote:
> On 05/28/2011 08:51 PM, Knute Johnson wrote:
>> I'm having a problem using the Files directive to require
>> authentication on the index.html file. It doesn't work if it is
>> requested with the index URL but does if the URL specifies the file
>> directly. I can't believe that I'm the only person ever to try to do
>> this but maybe I am.
>>
>> So if I request http://localhost/ I get the following error and NO
>> user name/password dialog.
>>
>> 401 Authorization Required
>>
>> Authorization Required
>>
>> This server could not verify that you are authorized to access the
>> document requested. Either you supplied the wrong credentials (e.g.,
>> bad password), or your browser doesn't understand how to supply the
>> credentials required.
>>
>> But if I request http://localhost/index.html I get the Authentication
>> Required dialog and can enter the user name and password and then
>> receive the file.
>>
>> I've tested this with FireFox and Chrome. I'm running Ubuntu 10.10 and
>> apache 2.2.16.
>>
>> Here is the access log from the first request
>>
>> 127.0.0.1 - - [28/May/2011:11:31:16 -0700] "GET / HTTP/1.1" 401 618
>> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17)
>> Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17"
>>
>> and the access log from the second request
>>
>> 127.0.0.1 - knute [28/May/2011:11:30:12 -0700] "GET /index.html
>> HTTP/1.1" 200 485 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US;
>> rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17"
>>
>> The error.log is empty.
>
> That is not possible; a 4xx error is always logged in the error log.

Why would I make it up.  There is nothing in the error log.  401 errors 
show up in the access log though.

>>
>> Here is the virtual host configuration file
>>
>> <VirtualHost *:80>
>> ServerAdmin webmaster@localhost
>>
>> DocumentRoot /var/www
>
>> <Directory />
>> Options FollowSymLinks
>> AllowOverride None
>> </Directory>
>
> This does not belong in a vhost.

Except for the Files directives that I added this is unchanged from the 
install.

>
>> <Directory /var/www/>
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride None
>> Order allow,deny
>> allow from all
>> # added for testing
>> # any files require group any membership
> Requests that hit DirectoryIndex hit this resource block

Then why does it not work?  If I request a file that isn't index.html it 
sends it to me.

>> <Files index.html>
>> AuthType Basic
>> AuthName "ARCLA Lookers"
>> AuthUserFile /usr/local/apache/passwords/arcla.pwd
>> AuthGroupFile /usr/local/apache/passwords/groups
>> Require group lookers players honchos
>
> However, requests for the exact file resource hit this resource block.
>
>> </Files>
>>
>> ErrorLog ${APACHE_LOG_DIR}/error.log
>
>
> Apache will refuse to run when it cannot write to the error log, so you
> are likely not looking at the right one.

It writes to the error log file that I am looking at.  I can request a 
non-existent file and the error shows up in the error log just fine.

>>
>> DirectoryIndex index.html index.cgi index.pl index.php index.xhtml
>> index.htm
>
> THIS is the reason the requests behave differently.

Isn't the whole purpose of DirectoryIndex to serve up one of the above 
files if you request the index?  So why doesn't the Files directive work 
and why does apache return the odd error?  How do I make it work?

Thanks,

-- 

Knute Johnson

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message