You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Florian <ts...@agilolfinger.de> on 2008/03/24 13:30:28 UTC

[users@httpd] basic authentication apache 2.2.8

Hi List!

I'm running apache 2.2.8 on a linux-box and have problems withe the
basic authentication. The "require user" and "require group" can't be
combined in .htaccess.

Here my config
httpd.conf
----------
...
<Directory "/www/vhosts/myserver/htdocs">
    Options -Indexes FollowSymLinks
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>
...

in the Directory /www/vhosts/myserver/htdocs/mak
.htaccess
---------
AuthType Basic
AuthName "Interner Bereich"
AuthUserFile /etc/htpasswd
AuthGroupFile /etc/htgroup
Require user user1
Require group group1 group2 group3
# user1 is not a member of any group

Problem
-------
In apache 2.0.59 this config worked.
User1 AND all mebers of all three groups were allowed to access the
directory.

After updating to apache 2.2.8 this config doesn't work any more.
The combination of the "require user" and "require group" statements
allows only group-members to access the directory. User user1 is no more
allowed to access.
A single "require user user1" or a single "require group" are working.

error.log
---------
[Fri Mar 21 19:14:45 2008] [error] [client xx.xx.xx.xx] Authorization of
user user1 to access /mak failed, reason: user is not part of the
'require'ed group(s). , referer: http://bla.bla...


Please give me a hint, where i can search the solution.

Regards,
Florian

------------
The webserver ist compiled with defaults
../bin/httpd -l
Compiled in modules:
  core.c
  mod_authn_file.c
  mod_authn_default.c
  mod_authz_host.c
  mod_authz_groupfile.c
  mod_authz_user.c
  mod_authz_default.c
  mod_auth_basic.c
.....


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] basic authentication apache 2.2.8

Posted by Florian <ts...@agilolfinger.de>.

Eric Covener schrieb:
> On Mon, Mar 24, 2008 at 8:30 AM, Florian <ts...@agilolfinger.de> wrote:
>   
>>  .htaccess
>>  ---------
>>  AuthType Basic
>>  AuthName "Interner Bereich"
>>  AuthUserFile /etc/htpasswd
>>  AuthGroupFile /etc/htgroup
>>  Require user user1
>>  Require group group1 group2 group3
>>  # user1 is not a member of any group
>>
>>  Problem
>>  -------
>>  In apache 2.0.59 this config worked.
>>  User1 AND all mebers of all three groups were allowed to access the
>>  directory.
>>
>>  After updating to apache 2.2.8 this config doesn't work any more.
>>  The combination of the "require user" and "require group" statements
>>  allows only group-members to access the directory. User user1 is no more
>>  allowed to access.
>>     
>
>
> Perhaps: http://httpd.apache.org/docs/2.2/mod/mod_authz_groupfile.html#authzgroupfileauthoritative
>
>   
Thanks for your fast help! It works! :-))
The authzgroupfileauthoritative-Directive seems to be new since apache 2.1.

Regards, Florian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] basic authentication apache 2.2.8

Posted by Eric Covener <co...@gmail.com>.

On Mon, Mar 24, 2008 at 8:30 AM, Florian <ts...@agilolfinger.de> wrote:
>  .htaccess
>  ---------
>  AuthType Basic
>  AuthName "Interner Bereich"
>  AuthUserFile /etc/htpasswd
>  AuthGroupFile /etc/htgroup
>  Require user user1
>  Require group group1 group2 group3
>  # user1 is not a member of any group
>
>  Problem
>  -------
>  In apache 2.0.59 this config worked.
>  User1 AND all mebers of all three groups were allowed to access the
>  directory.
>
>  After updating to apache 2.2.8 this config doesn't work any more.
>  The combination of the "require user" and "require group" statements
>  allows only group-members to access the directory. User user1 is no more
>  allowed to access.


Perhaps: http://httpd.apache.org/docs/2.2/mod/mod_authz_groupfile.html#authzgroupfileauthoritative

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org