You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Leo Papadopoulos <le...@telecomcto.com> on 2005/11/02 01:48:49 UTC
[users@httpd] Help with Digest Authentication
Dear HTTPD users,
I am fairly new to Apache, but my server is running and I am successfully
serving up html and php.
Now I want to add DIGEST authentication when a user tries to access the
/private directory off of my WebRoot directory. My webroot directory is
/var/www/html and is configured as such in the httpd.conf file.
So...here is the information.
1) I am running Apache version 2.0.54 on FC4.
2) I have loaded the mod_auth.so, mod_auth_anon.so, mod_auth_dbm.so, and
mod_auth_digest.so.
3) I have used htdigest tool to create a password file call htdigusers in
the /etc/httpd/conf directory and have added a user called leo with a
password of testing (<--this is not the real password).
4) I have added a section to my httpd.conf file to force digest
authentication for the /private directory.
This section reads as follows:
<Location /private/>
AuthType Digest
AuthName "private area"
AuthDigestDomain http://sip.telecomcto.com AuthDigestFile
/etc/httpd/conf/htdigusers Require valid-user </Location>
5) I put a file called index.html in the /private directory.
When I access http://sip.telecomcto.com/private Firefox brings up the
username password box, but when I type it in it does not accept the username
and password and just brings up the dialog box again..
WHY IS THIS HAPPENING? PLEASE HELP.
________________________________
Telecom CTO
Leo Papadopoulos
10 Old Stone Court
Ridgefield, CT 06877
Tel: 203-438-8117
Cell: 203-788-6364
E-mail: leo@telecomCTO.com
Web site: www.telecomCTO.com
________________________________
Telecom CTO
Leo Papadopoulos
10 Old Stone Court
Ridgefield, CT 06877
Tel: 203-438-8117
Cell: 203-788-6364
E-mail: leo@telecomCTO.com
Web site: www.telecomCTO.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Help with Digest Authentication - PROBLEM SOLVED!
Posted by Leo Papadopoulos <le...@telecomcto.com>.
Dear Group,
Thank you.
I took your advice and I did the following.
1) I stopped using the AuthDigestDomain field. It doesn't seem to do
anything for me.
2) I changed the AuthName to PrivateArea (notice there is no space).
3) I added the user leo to the htdigusers file with a realm of PrivateArea
4) Finally, (and this is important) I changed the rights of the files in the
private directory so that people other than the owner can read them (644).
Thank you all.
Leo P.
-----Original Message-----
From: Joe Orton [mailto:jorton@redhat.com]
Sent: Wednesday, November 02, 2005 3:26 PM
To: Leo Papadopoulos
Cc: users@httpd.apache.org
Subject: Re: [users@httpd] Help with Digest Authentication
On Wed, Nov 02, 2005 at 11:33:32AM -0500, Leo Papadopoulos wrote:
> Dear httpd-users and Joshua:
>
> Here is the information Joshua asked for.
>
> The httpd.conf file is configured with:
In your first post you said you had:
AuthName "private area"
which is it really using? The string configured as the AuthName must
exactly match the "realm" string passed to htdigest otherwise auth will
fail. I'd get rid of the AuthDigestDomain setting from the config as it
doesn't make much difference.
joe
>
> <Location /private/>
> AuthType Digest
> AuthName http://sip.telecomcto.com/
> AuthDigestDomain /private/ http://sip.telecomcto.com/
> AuthDigestFile /etc/httpd/conf/htdigusers
> Require valid-user
> </Location>
>
> The error log says:
>
> [Wed Nov 02 11:24:40 2005] [error] [client 69.0.78.113] Digest: user `leo'
> in realm `http://sip.telecomcto.com/' not found: /private/
>
> The htdigusers file says:
> leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
>
> I still cannot log in. I get rejected as you can see from the error
message,
> but I don't know why.
>
> Leo P.
>
> -----Original Message-----
> From: Joshua Slive [mailto:jslive@gmail.com]
> Sent: Wednesday, November 02, 2005 10:49 AM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Help with Digest Authentication
>
> On 11/1/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
>
> > When I access http://sip.telecomcto.com/private Firefox brings up the
> > username password box, but when I type it in it does not accept the
> username
> > and password and just brings up the dialog box again..
>
> Anything interesting in the apache error_log?
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help with Digest Authentication
Posted by Joe Orton <jo...@redhat.com>.
On Wed, Nov 02, 2005 at 11:33:32AM -0500, Leo Papadopoulos wrote:
> Dear httpd-users and Joshua:
>
> Here is the information Joshua asked for.
>
> The httpd.conf file is configured with:
In your first post you said you had:
AuthName "private area"
which is it really using? The string configured as the AuthName must
exactly match the "realm" string passed to htdigest otherwise auth will
fail. I'd get rid of the AuthDigestDomain setting from the config as it
doesn't make much difference.
joe
>
> <Location /private/>
> AuthType Digest
> AuthName http://sip.telecomcto.com/
> AuthDigestDomain /private/ http://sip.telecomcto.com/
> AuthDigestFile /etc/httpd/conf/htdigusers
> Require valid-user
> </Location>
>
> The error log says:
>
> [Wed Nov 02 11:24:40 2005] [error] [client 69.0.78.113] Digest: user `leo'
> in realm `http://sip.telecomcto.com/' not found: /private/
>
> The htdigusers file says:
> leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
>
> I still cannot log in. I get rejected as you can see from the error message,
> but I don't know why.
>
> Leo P.
>
> -----Original Message-----
> From: Joshua Slive [mailto:jslive@gmail.com]
> Sent: Wednesday, November 02, 2005 10:49 AM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Help with Digest Authentication
>
> On 11/1/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
>
> > When I access http://sip.telecomcto.com/private Firefox brings up the
> > username password box, but when I type it in it does not accept the
> username
> > and password and just brings up the dialog box again..
>
> Anything interesting in the apache error_log?
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help with Digest Authentication
Posted by Joshua Slive <js...@gmail.com>.
On 11/2/05, Joshua Kogut <jm...@gmail.com> wrote:
> Also, I think that the location could be the full path like
> /full/path/to/web/root/private/ the authname should be the http address of
> the private folder, as should the domain, etc. Hope this helps!
No, that is not correct.
> > is your username:domain:password (I think) The part that says
> http://sip.telecomcto.com/ should be the folder that you wish to be private,
> so methinks that the full entry should be:
> >
> >
> leo:http://sip.telecomcto.com/private/:23496e7646ea444ff7930fbd325d32f
I don't believe that is correct either. But my knowledge of digest
auth is pretty limitted.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help with Digest Authentication
Posted by Joshua Kogut <jm...@gmail.com>.
Oops, forgot about this...
<Location /private/>
AuthType Digest
AuthName http://sip.telecomcto.com/
AuthDigestDomain /private/ http://sip.telecomcto.com/
AuthDigestFile /etc/httpd/conf/htdigusers
Require valid-user
</Location>
Also, I think that the location could be the full path like
/full/path/to/web/root/private/ the authname should be the http address of
the private folder, as should the domain, etc. Hope this helps!
On 11/2/05, Joshua Kogut <jm...@gmail.com> wrote:
>
> Ok, this:
>
>
> leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
>
> is your username:domain:password (I think) The part that says http://sip.telecomcto.com/
> <http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f> should be the
> folder that you wish to be private, so methinks that the full entry should
> be:
>
> leo:http://sip.telecomcto.com/private/:23496e7646ea444ff7930fbd325d32f<http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f>
>
> This should give you the proper access rights to the private folder. Since
> I am no professional, I cannont guarantee that this is the solution, only
> that this is what I would do...
>
> On 11/2/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
> >
> > Dear httpd-users and Joshua:
> >
> > Here is the information Joshua asked for.
> >
> > The httpd.conf file is configured with:
> >
> > <Location /private/>
> > AuthType Digest
> > AuthName http://sip.telecomcto.com/
> > AuthDigestDomain /private/ http://sip.telecomcto.com/
> > AuthDigestFile /etc/httpd/conf/htdigusers
> > Require valid-user
> > </Location>
> >
> > The error log says:
> >
> > [Wed Nov 02 11:24:40 2005] [error] [client 69.0.78.113<http://69.0.78.113>]
> > Digest: user `leo'
> > in realm `http://sip.telecomcto.com/' not found: /private/
> >
> > The htdigusers file says:
> > leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
> >
> > I still cannot log in. I get rejected as you can see from the error
> > message,
> > but I don't know why.
> >
> > Leo P.
> >
> > -----Original Message-----
> > From: Joshua Slive [mailto: jslive@gmail.com]
> > Sent: Wednesday, November 02, 2005 10:49 AM
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] Help with Digest Authentication
> >
> > On 11/1/05, Leo Papadopoulos < leo@telecomcto.com> wrote:
> >
> > > When I access http://sip.telecomcto.com/private Firefox brings up the
> > > username password box, but when I type it in it does not accept the
> > username
> > > and password and just brings up the dialog box again..
> >
> > Anything interesting in the apache error_log?
> >
> > Joshua.
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
> --
> || jmkogut ||
> email: jmkogut@gmail.com
> || Networking: Where all your problems are category 5. ||
>
--
|| jmkogut ||
email: jmkogut@gmail.com
|| Networking: Where all your problems are category 5. ||
Re: [users@httpd] Help with Digest Authentication
Posted by Joshua Kogut <jm...@gmail.com>.
Ok, this:
leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
is your username:domain:password (I think) The part that says
http://sip.telecomcto.com/<http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f>should
be the folder that you wish to be private, so methinks that the full
entry should be:
leo:http://sip.telecomcto.com/private/:23496e7646ea444ff7930fbd325d32f<http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f>
This should give you the proper access rights to the private folder. Since I
am no professional, I cannont guarantee that this is the solution, only that
this is what I would do...
On 11/2/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
>
> Dear httpd-users and Joshua:
>
> Here is the information Joshua asked for.
>
> The httpd.conf file is configured with:
>
> <Location /private/>
> AuthType Digest
> AuthName http://sip.telecomcto.com/
> AuthDigestDomain /private/ http://sip.telecomcto.com/
> AuthDigestFile /etc/httpd/conf/htdigusers
> Require valid-user
> </Location>
>
> The error log says:
>
> [Wed Nov 02 11:24:40 2005] [error] [client 69.0.78.113<http://69.0.78.113>]
> Digest: user `leo'
> in realm `http://sip.telecomcto.com/' not found: /private/
>
> The htdigusers file says:
> leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
>
> I still cannot log in. I get rejected as you can see from the error
> message,
> but I don't know why.
>
> Leo P.
>
> -----Original Message-----
> From: Joshua Slive [mailto:jslive@gmail.com]
> Sent: Wednesday, November 02, 2005 10:49 AM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Help with Digest Authentication
>
> On 11/1/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
>
> > When I access http://sip.telecomcto.com/private Firefox brings up the
> > username password box, but when I type it in it does not accept the
> username
> > and password and just brings up the dialog box again..
>
> Anything interesting in the apache error_log?
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
--
|| jmkogut ||
email: jmkogut@gmail.com
|| Networking: Where all your problems are category 5. ||
RE: [users@httpd] Help with Digest Authentication
Posted by Leo Papadopoulos <le...@telecomcto.com>.
Dear httpd-users and Joshua:
Here is the information Joshua asked for.
The httpd.conf file is configured with:
<Location /private/>
AuthType Digest
AuthName http://sip.telecomcto.com/
AuthDigestDomain /private/ http://sip.telecomcto.com/
AuthDigestFile /etc/httpd/conf/htdigusers
Require valid-user
</Location>
The error log says:
[Wed Nov 02 11:24:40 2005] [error] [client 69.0.78.113] Digest: user `leo'
in realm `http://sip.telecomcto.com/' not found: /private/
The htdigusers file says:
leo:http://sip.telecomcto.com/:23496e7646ea444ff7930fbd325d32f
I still cannot log in. I get rejected as you can see from the error message,
but I don't know why.
Leo P.
-----Original Message-----
From: Joshua Slive [mailto:jslive@gmail.com]
Sent: Wednesday, November 02, 2005 10:49 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Help with Digest Authentication
On 11/1/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
> When I access http://sip.telecomcto.com/private Firefox brings up the
> username password box, but when I type it in it does not accept the
username
> and password and just brings up the dialog box again..
Anything interesting in the apache error_log?
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help with Digest Authentication
Posted by Joshua Slive <js...@gmail.com>.
On 11/1/05, Leo Papadopoulos <le...@telecomcto.com> wrote:
> When I access http://sip.telecomcto.com/private Firefox brings up the
> username password box, but when I type it in it does not accept the username
> and password and just brings up the dialog box again..
Anything interesting in the apache error_log?
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org