Re: Apache/Redhat Simple AuthType Basic not working :( help please
From: Simon Tneoh Chee-Boon (tneohcb_at_gen-x.com.my)
To: <email@example.com> Date: Mon, 5 Jan 2004 17:08:13 +0800
Hello Ben Yau,
It seems like your configuration is correct, that's why your log file
return any error message, 'coz the setting is to ignore it.
Try to add:
AllowOverride Limit AuthConfig
Then in your .htaccess located in your directory:
Hope this helps.
-- Simon Tneoh Chee-Boon Gen-X Technology Sdn. Bhd. http://www.gen-x.com.my http://www.tneoh.zoneit.com/simon/ ----- Original Message ----- From: "Ben Yau" <firstname.lastname@example.org> To: <email@example.com> Sent: Saturday, January 03, 2004 6:06 AM Subject: Apache/Redhat Simple AuthType Basic not working :( help please > Hi all. > > Happy New Year everybody. > > I'm really having problems with this and I can't figure it out. > > The problem is that apache seems to be ignoring any of the authentication > setup i've put in for a new virtual host. The pages are freely available to > anyone who goes to the URL. The error logs and access logs reflect this. > No errors, and access entries show regular web page serving. > > I went through the tutorial (http://httpd.apache.org/docs/howto/auth.html) > and the apache manual (html version downlaoded to my computer) just to make > sure I wasn't missing anything and still having problems. I'm sure I've > overlooked something obvious so hopefully someone can help me out. (at least > I'm hoping it's something obvious that i've overlooked) > > We're running Redhat 8.x, Apache2.0.48. > > The httpd.conf file is quite convoluted (legacy, and this is where I think > i'm overlooking something). There are several virtualhost entries and the > problem I'm having is wiht a new Virtualhost for accessing reports of > webstats for a specific site. > > There is an AllowOverride None in the main config area (before all the > Virtual hosts directives) in a <Directory /> directive . From what I > remember and what I read in one of the tutorials or manuals that means that > the .htaccess file is completely ignored which is why I'm doing everything > in the VirtualHost directive to be safe. (is this correct?) > > Here is my Virtualhost entry: > <VirtualHost 10.253.32.174:80> > > ServerName reports.auto-rebates.com > ServerAdmin firstname.lastname@example.org > DocumentRoot /home/www/reports.auto-rebates.com > DirectoryIndex index.html > Alias /awstatsjs "/usr/local/awstats/wwwroot/js/" > Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/" > Alias /awstatscss "/usr/local/awstats/wwwroot/css" > Alias /awstatsicons "/usr/local/awstats/wwwroot/icon" > <Directory /> > AuthType Basic > AuthName "ReportsAutoRebates" > AuthUserFile /home/www/reports.auto-rebates.com/.rarpasswd > Require valid-user > </Directory> > </VirtualHost> > > I've also tried > > Require user byau > > as well (my test username) with no luck. > I created the password file using > > # htpasswd -c /home/www/reports.auto-rebates.com/.rarpasswd byau > > I've stopped and restarted the server every time I've changed anything. > I've also stopped and restarted my browser (IE on WinXP) and deleted temp > browser files in case I was already auth for that dir and for that reason > was skipping future auth. Also accessed the pages using lynx on localhost > and still no auth required. There are no errors. only entries in access > just like normal web page serving > > It's worth mentioning that there is a virtual host that uses /home/www as > its documentroot that has its own auth configs. These do work by the way. > When I close/repoen browser and attepmt to go to the reports website in > /home/www/reports.auto-rebates.com, there is no auth asked for at all so I > don't think it is that I have already somehow been validated into /home/www > and am now being validated into /home/www/reports.auto-rebates.com. Is it > possible that configurations for /home/www i affecting configs for > /home/www/reports.auto-rebates.com even though they are in different > <Virtualhost> directives? > > Here is the first <Virtualhost> entry: > <VirtualHost 10.253.32.174:80> > > ServerName www.escrip.com > CauchoConfigFile /usr/local/resin/conf/escrip.conf > Serveradmin email@example.com > DirectoryIndex index.html index.htm index.jsp index.HTM /error/404.html > ScriptAlias /cgi-bin/ /home/www/escripinc_pub/cgi-bin/ > Alias /dev/ /home/www/dev/escripinc_pub/ > DocumentRoot /home/www/escripinc_pub/ > > > <Directory /> > > AuthType Basic > AuthName "Escrip Staging" > AuthUserFile /home/www/.esipasswd > AuthGroupFile /dev/null > Require valid-user > > </Directory> > </Virtualhost> > > > And here is the config stuff before the first <Virtualhost>. I took out all > the things that didn' tlook relevant (like Add* and BrowserMatch* and things > like that) > > User nobody > Group nobody > ServerAdmin firstname.lastname@example.org > ServerName tarpon.internal.cci > UseCanonicalName Off > DocumentRoot "/usr/local/apache2.0.48/htdocs" > <Directory /> > Options FollowSymLinks > AllowOverride None > </Directory> > AccessFileName .htaccess > <Files ~ "^\.ht"> > Order allow,deny > Deny from all > </Files> > TypesConfig conf/mime.types > DefaultType text/plain > <IfModule mod_mime_magic.c> > MIMEMagicFile conf/magic > </IfModule> > HostnameLookups Off > > > > > Thanks anybody for any ideas on where I can look. At this point I'm just > trying random things out to see if anything works. I realize there are > other issues to solve (such as not putting the AuthUserFile in same dir as > DocumentRoot). That's the legacy they are using on the test server that > I'll talk to him about later. All I need to do right now is just get the > username/password working for this virtual host. > > Thanks! > Cheers! > Ben > > > > > > > -- > redhat-list mailing list > unsubscribe mailto:email@example.com?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:firstname.lastname@example.org?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list