You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Ziad Matloub <zi...@fc.hp.com> on 1999/06/10 17:43:09 UTC

config/4557: .htaccess /htgroup WILL not work.

>Number:         4557
>Category:       config
>Synopsis:       .htaccess /htgroup WILL not work.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Jun 10 08:50:00 PDT 1999
>Last-Modified:
>Originator:     ziad@fc.hp.com
>Organization:
apache
>Release:        1.3
>Environment:
HPUX 10.20 very latest patches.
HP-UX bigcat B.10.20 A 9000/780 2016364417 two-user license
>Description:
I had NCSA for 4 years and things were great.
I upgraded to Apache, which is supposed to be a transparent upgrade, and
NONE of my .htaccess directories work.

Here is the problem very simply put.
Apache doesn't seem to recognize the authgroup directive. Every user
gets a password mismatch in the error_log.

Here's what I have done.
I left the /opt/apache/conf/access.conf alone, except to tell it where
my htdocs directory is. I haven't changed anything else.

In /opt/apache/conf, I have a htpasswd.users and an htgroup.users files

htpasswd.users looks like this
userA:passwd (encrypted)
userB:passwd (encrypted)
etc....

htgroup.users looks like this
groupA: userA userB

in /ftp/pres I created a .htaccess and it looks like this

AuthUserFile /opt/apache/conf/htpasswd.users
AuthGroupFile /opt/apache/conf/htgroup.users
AuthName "Security Clearance"
AuthType Basic

<Limit GET>
require group groupA
</Limit>

whenever, anyone (userA,userB) try to go to
http://myserver.here.com/ftp/pres, they are presented with the familiar
login box. All attempts return a "user userA: password mismatch"

If I change the .htaccess file to:

AuthUserFile /opt/apache/conf/htpasswd.users
AuthGroupFile /opt/apache/conf/htgroup.users
AuthName "Security Clearance"
AuthType Basic
<Limit GET>
require user userA userB
</Limit>

Then EVERYTHING works fine.

Ziad Matloub
ziad@fc.hp.com
>How-To-Repeat:

>Fix:
Is this a bug? I have followd EVERY line of your docs as it pertains to this. I have been posting on usenet for a month and I have tried all suggestions.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]