You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Dale <cd...@mail.inficad.com> on 2002/01/21 08:11:52 UTC

Mac OS X Server: setting secure directory access

This may be outside most people's experience here, but I thought I'd 
give it a shot.

I am trying to password protect a specific web directory for browser 
access. I created the required passwordfile and htaccess file and put 
them where they belonged. But I don't get the standard prompt for 
user name and password. It tells me the directory doesn't exist. Take 
the htaccess out and it's accessible.

It's not a matter of changing the httpd.conf file. The user interface 
overrides it with it's own conf file. And the documentation and books 
I've read don't say much except I need to create a realm.

Anyone know the solution?

Thanks
Dale
-- 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Mac OS X Server: setting secure directory access

Posted by Owen Boyle <ob...@bourse.ch>.

Dale wrote:
> 
> This may be outside most people's experience here, but I thought I'd
> give it a shot.
> 
> I am trying to password protect a specific web directory for browser
> access. I created the required passwordfile and htaccess file and put
> them where they belonged. But I don't get the standard prompt for
> user name and password. It tells me the directory doesn't exist. Take
> the htaccess out and it's accessible.

Probably it's referring to the path to the AuthUserFile... 

> It's not a matter of changing the httpd.conf file. The user interface
> overrides it with it's own conf file. 

What on earth does this mean? Apache is controlled by httpd.conf and a
subset of directives which can be used in .htaccess files - what "user
interface" do you mean?

In any case, in order to get it working, reduce the variables by running
without .htaccess and just put all the directives in httpd.conf (you can
do this - .htaccess is a convenience feature, not a necessity). Just do
something like:

<Directory /home/web/protected-dir>
    AuthType      Basic
    AuthName      "Protected Directory"
    AuthUserFile  /home/admin/protected.pwd
    Require       valid-user
</Directory>

These are the only crucial directives you need to activate
authentication. Check that the path to the AuthUserFile (which contains
the user/pass pairs) is correct and that the file is readable by apache.

Rgds,

Owen Boyle

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org