You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by dweimer <dw...@dweimer.net> on 2013/07/09 17:21:05 UTC
[users@httpd] Apache 2.4 authentication issue
I have updated my second server from Apache 2.2.x to Apache 2.4.x, first
server went fine with no problems. The second server however is having
difficulty with a few directories that I had password protected with
basic authentication. I am using Apache 2.4.4 as its the current port
on FreeBSD, and I am aware of the htpasswd bug in that version, and have
confirmed its not the cause of my problem, in fact I tried switching
over to digest authentication with the same result.
I have the directives configured as follows.
<Directory "/usr/local/www/apache24/data">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
<Directory "/usr/local/www/apache24/data/sarg">
SSLRequireSSL
Require all denied
AuthType basic
AuthBasicProvider file
AuthName "SARG"
AuthUserFile /usr/local/www/apache24/data/sarg/.htpasswd
Require valid-user
</Directory>
I don't get any errors, just a login loop, doesn't matter if I use a
valid username password combination or invalid, I can even move the
.htpasswd file out of the folder which should cause an error, but no
error ever gets logged even with debugging on.
The only log I get is the entry showing me the get request that was
marked as 401 unauthenticated:
[09/Jul/2013:09:41:16 -0500] "GET /sarg/index.html HTTP/1.1" 401 381
Does anyone have any clue what I could be missing?
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.4 authentication issue
Posted by dweimer <dw...@dweimer.net>.
On 07/09/2013 10:21 am, dweimer wrote:
> I have updated my second server from Apache 2.2.x to Apache 2.4.x,
> first server went fine with no problems. The second server however is
> having difficulty with a few directories that I had password protected
> with basic authentication. I am using Apache 2.4.4 as its the current
> port on FreeBSD, and I am aware of the htpasswd bug in that version,
> and have confirmed its not the cause of my problem, in fact I tried
> switching over to digest authentication with the same result.
>
> I have the directives configured as follows.
>
> <Directory "/usr/local/www/apache24/data">
> Options Indexes FollowSymLinks
> AllowOverride None
> Require all granted
> </Directory>
>
> <FilesMatch "^\.ht">
> Require all denied
> </FilesMatch>
>
> <Directory "/usr/local/www/apache24/data/sarg">
> SSLRequireSSL
> Require all denied
> AuthType basic
> AuthBasicProvider file
> AuthName "SARG"
> AuthUserFile /usr/local/www/apache24/data/sarg/.htpasswd
> Require valid-user
> </Directory>
>
> I don't get any errors, just a login loop, doesn't matter if I use a
> valid username password combination or invalid, I can even move the
> .htpasswd file out of the folder which should cause an error, but no
> error ever gets logged even with debugging on.
>
> The only log I get is the entry showing me the get request that was
> marked as 401 unauthenticated:
> [09/Jul/2013:09:41:16 -0500] "GET /sarg/index.html HTTP/1.1" 401 381
>
> Does anyone have any clue what I could be missing?
Well, I found it myself, nothing in Apache, the site is behind a Squid
reverse proxy, and it wasn't passing the authentication, Apache works
now that I fixed that.
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org