You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Stephen Hardisty <sh...@messagelabs.com> on 2003/12/11 17:59:55 UTC

[users@httpd] Authentication problems

Howdy,
I'm trying to get basic authentication working but when I go to the site, I'm not prompted for a username or password. I have the following entry in my config:

<Directory /var/www/html/blah>
	AllowOverride AuthConfig
	AuthUserFile /var/www/html/blah/.htpasswd
	AuthName "Blah login"
	AuthType Basic
	require valid-user
	order deny,allow
</Directory>

No matter what I put in here (and I've tried loads of combinations), nothing happens. I'm going to have a fit soon I think. Is there anything that turns off authentication or am I just doing something dumb? FYI, I'm using Apache 2.0.40.

Hope you guys can help.

Cheers!

________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs Email
Security System. For more information on a proactive email security
service working around the clock, around the globe, visit
http://www.messagelabs.com
________________________________________________________________________

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Authentication problems

Posted by Robert Andersson <ro...@profundis.nu>.

Stephen Hardisty wrote:
> <Directory /var/www/html/blah>
> AllowOverride AuthConfig
> AuthUserFile /var/www/html/blah/.htpasswd
> AuthName "Blah login"
> AuthType Basic
> require valid-user
> order deny,allow
> </Directory>
>
> No matter what I put in here (and I've tried loads of combinations),
> nothing happens. I'm going to have a fit soon I think. Is there
> anything that turns off authentication or am I just doing something
> dumb? FYI, I'm using Apache 2.0.40.

Is the directory served as though it was unrestricted? If not, as always,
check the error log.

Otherwise, edit that directory block to contain:

    Order allow,deny
    Deny from all

Just to make sure. If Apache still allows you access to the directory, you
got some other problem, like editing the wrong configuration file or not
restarting Apache, or conflicting (directory) configuration. You may also
want to try to insert a "Satisfy all" there.

Regards,
Robert Andersson

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Authentication problems

Posted by Steven Pierce <pa...@speakeasy.net>.

How did you create the file .htpasswd? 

To create the file use:

htpasswd -c /usr/local/apache/passwd/password user name

Or use the path that you have Apache installed in.  The one above is just
an example.



*********** REPLY SEPARATOR  ***********

On 12/11/2003 at 4:59 PM Stephen Hardisty wrote:

>Howdy,
>I'm trying to get basic authentication working but when I go to the site,
>I'm not prompted for a username or password. I have the following entry in
>my config:
>
><Directory /var/www/html/blah>
>	AllowOverride AuthConfig
>	AuthUserFile /var/www/html/blah/.htpasswd
>	AuthName "Blah login"
>	AuthType Basic
>	require valid-user (do you have the user name in the actual file?)
>	order deny,allow
></Directory>
>
>No matter what I put in here (and I've tried loads of combinations),
>nothing happens. I'm going to have a fit soon I think. Is there anything
>that turns off authentication or am I just doing something dumb? FYI, I'm
>using Apache 2.0.40.
>
>Hope you guys can help.
>
>Cheers!
>
>________________________________________________________________________
>This email has been scanned for all viruses by the MessageLabs Email
>Security System. For more information on a proactive email security
>service working around the clock, around the globe, visit
>http://www.messagelabs.com
>________________________________________________________________________
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org