You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by vlady <vl...@cyber2000.qc.ca> on 2002/03/20 20:36:16 UTC

digest authentication problem

Hi,
I have very strange problem. I have compiled "mod_auth_digest" in my apache.
I am using it for my "htdocs"  and "cgi-bin" directoties, which are in 
the same "realm". I created passwd file using "htdigest", and autorized 
a couple of users.
The problem is that for any reason just one specific user of the 
authorized users is able to connect to "htdocs" dir, cinse for the 
"cgi-bin" directory there is no problem. I spend a lot of time creating 
and removin passwd files and users, but I didn't anderstand why just 
user "vlady" is able to pass the authorization for "htdocs" dir.
Can someone help me with that?
Thanks
Vlady

 The following is my Directory section in my httpd.conf :
 
<Directory "/http-root/stats/cgi-bin/admin">
AuthType Digest
AuthName "dig"
AuthDigestFile /etc/httpd/passwd/digpasswd
Require user admin vlady adm
</Directory>
 
<Directory /http-root/stats/htdocs/admin/>
AuthType Digest
AuthName "dig"
AuthDigestFile /etc/httpd/passwd/digpasswd
Require user admin vlady adm
</Directory>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: digest authentication problem

Posted by Jack Baty <jb...@fusionary.com>.

vlady wrote:
> The problem is that for any reason just one specific user of the 
> authorized users is able to connect to "htdocs" dir, cinse for the 
> "cgi-bin" directory there is no problem. I spend a lot of time creating 
[-- snip --]

Could this be a browser issue?  This is unfamiliar territory for me, but a
recent eWeek article describes an incompatibility with certain browsers (IE)
and the digest authentication used by Apache.

    "The upshot is that IE cannot be used as a Web client for any
    Apache-based Web application that uses digest authentication. In
    addition, every non-IE browser we tested couldn't be used as a client for
    any Internet Information Services-based Web application that uses digest
    authentication. (We tested this with Mozilla.org's Mozilla 0.9.9, Opera
    Software ASA's Opera 6.01 and the W3C's reference browser implementation
    Amaya; Netscape Communications Corp.'s Navigator doesn't currently
    support digest authentication. Static Web pages are not affected by the
    problem.) "


Complete article here:

http://www.eweek.com/article/0,3658,s=702&a=24177,00.asp


-- 
Jack Baty

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org