www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Davon <Da...@web-depot.com>
Subject Re: mod_auth-any/2938: The server just lets everyone in, and seems not to check the passwd.db files at all
Date Tue, 01 Sep 1998 17:50:01 GMT
The following reply was made to PR mod_auth-any/2938; it has been noted by GNATS.

From: Michael Davon <Davon@web-depot.com>
To: apbugs@apache.org
Cc:  Subject: Re: mod_auth-any/2938: The server just lets everyone in, and seems not to check
the passwd.db files at all
Date: Tue, 1 Sep 1998 13:31:17 -0400 (EDT)

 Marc, 
 
 Please reopen the bug.  I have included more of the configuration
 so that you can see that I am doing that which you suggest.
 Also, as I stated in the original report, it does work with
 Server version Apache/1.2.4 -- so I don't think it's me.
 
 
   First, your authentication should normally be in side some
   sort of Directory, etc. section.
 
   Secondly, you aren't actually telling Apache to require
   any auth; you need something like "require valid-user" or
   "require user foo", etc.
 
 
 Sample piece of httpd.conf file.  I'll provide it all if you
 want.
 
 -M
 
 <Directory */members>
 options includes followsymlinks execcgi
 AuthDBMUserFile /www/data/passwd/passwd
 AuthGroupFile /www/data/group/group
 AuthType Basic
 AuthName HotSexPics
 <Limit GET POST>
 require valid-user
 </Limit>
 </Directory>
 
 
 -- 
 Michael Davon                       617-491-0080 Office
                                     888-WB-DEPOT Office
 Davon@Web-Depot.Com                 617-491-0066 Fax
 http://WWW.Web-Depot.COM            617-491-0033 Home

Mime
View raw message