You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by K Anand <ka...@sail-steel.com> on 2005/05/12 05:39:39 UTC
[users@httpd] Basic Authentication question
Hi all,
I have a very basic question regarding authentication on apache...I have in
my httpd.conf a section like below :
<Directory "/var/www/cgi-bin">
AuthType Basic
AuthName "By Invitaion Only"
AuthUserFile /etc/httpd/conf/passwd/passwords
Require valid-user
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
So whenever a browser first sends a cgi-bin request, authentication is done
by userid and password...Whenever subsequent requests come for cgi-bin,
authentication is not required provided the browser has not been closed. How
is this done ?
I know that this is not a problem but I would like to know just for my
information.
Thanx
Anand
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Basic Authentication question
Posted by Dick Davies <ra...@hellooperator.net>.
* Sandeep Gaikwad <sg...@vertex.co.in> [0558 09:58]:
> Hello Anand,
> Please try by updating the line AllowOverride None by
> AllowOverride AuthConfig or AllowOverride All
>
> Regards,
> Sandeep
Guys, read the mails before posting replies, ok?
What you suggest would enable .htaccess loading of Auth* directives, which
has nothing to do with the question.
>
> K Anand wrote:
>
> >Hi all,
> >
> >I have a very basic question regarding authentication on apache...I have in
> >my httpd.conf a section like below :
> ><Directory "/var/www/cgi-bin">
> > AuthType Basic
> > AuthName "By Invitaion Only"
> > AuthUserFile /etc/httpd/conf/passwd/passwords
> > Require valid-user
> >
> > AllowOverride None
> > Options ExecCGI
> > Order allow,deny
> > Allow from all
> ></Directory>
> >
> >So whenever a browser first sends a cgi-bin request, authentication is done
> >by userid and password...Whenever subsequent requests come for cgi-bin,
> >authentication is not required provided the browser has not been closed.
> >How
> >is this done ?
> >
> >I know that this is not a problem but I would like to know just for my
> >information.
--
'When you have to kill a man it costs nothing to be polite.'
-- Winston Churchill, On formal declarations of war
Rasputin :: Jack of All Trades - Master of Nuns
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Basic Authentication question
Posted by Sandeep Gaikwad <sg...@vertex.co.in>.
Hello Anand,
Please try by updating the line AllowOverride None by
AllowOverride AuthConfig or AllowOverride All
Regards,
Sandeep
K Anand wrote:
>Hi all,
>
>I have a very basic question regarding authentication on apache...I have in
>my httpd.conf a section like below :
><Directory "/var/www/cgi-bin">
> AuthType Basic
> AuthName "By Invitaion Only"
> AuthUserFile /etc/httpd/conf/passwd/passwords
> Require valid-user
>
> AllowOverride None
> Options ExecCGI
> Order allow,deny
> Allow from all
></Directory>
>
>So whenever a browser first sends a cgi-bin request, authentication is done
>by userid and password...Whenever subsequent requests come for cgi-bin,
>authentication is not required provided the browser has not been closed. How
>is this done ?
>
>I know that this is not a problem but I would like to know just for my
>information.
>
>Thanx
>Anand
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
Re: [users@httpd] Basic Authentication question
Posted by K Anand <ka...@sail-steel.com>.
you didn't understand what I was asking...The config I have included is
working ..I have used htpasswd and everything is working fine....All I want
to know is how does apache know that I have already authenticated or not ?
Anand
----- Original Message -----
From: "Chris Winfield-Blum" <ch...@leadingside.com>
To: <us...@httpd.apache.org>
Sent: Thursday, May 12, 2005 9:14 AM
Subject: Re: [users@httpd] Basic Authentication question
> you will have to use the htpasswd tools located in your apache bin to
> create the password file. then you point that directory to that file: ie:
>
> /etc/httpd/conf/passwd/passwords
>
> This should do that you need :)
>
> K Anand said the following:
>
> >Hi all,
> >
> >I have a very basic question regarding authentication on apache...I have
in
> >my httpd.conf a section like below :
> ><Directory "/var/www/cgi-bin">
> > AuthType Basic
> > AuthName "By Invitaion Only"
> > AuthUserFile /etc/httpd/conf/passwd/passwords
> > Require valid-user
> >
> > AllowOverride None
> > Options ExecCGI
> > Order allow,deny
> > Allow from all
> ></Directory>
> >
> >So whenever a browser first sends a cgi-bin request, authentication is
done
> >by userid and password...Whenever subsequent requests come for cgi-bin,
> >authentication is not required provided the browser has not been closed.
How
> >is this done ?
> >
> >I know that this is not a problem but I would like to know just for my
> >information.
> >
> >Thanx
> >Anand
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server
Project.
> >See <URL:http://httpd.apache.org/userslist.html> for more info.
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> >
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Basic Authentication question
Posted by Chris Winfield-Blum <ch...@leadingside.com>.
you will have to use the htpasswd tools located in your apache bin to
create the password file. then you point that directory to that file: ie:
/etc/httpd/conf/passwd/passwords
This should do that you need :)
K Anand said the following:
>Hi all,
>
>I have a very basic question regarding authentication on apache...I have in
>my httpd.conf a section like below :
><Directory "/var/www/cgi-bin">
> AuthType Basic
> AuthName "By Invitaion Only"
> AuthUserFile /etc/httpd/conf/passwd/passwords
> Require valid-user
>
> AllowOverride None
> Options ExecCGI
> Order allow,deny
> Allow from all
></Directory>
>
>So whenever a browser first sends a cgi-bin request, authentication is done
>by userid and password...Whenever subsequent requests come for cgi-bin,
>authentication is not required provided the browser has not been closed. How
>is this done ?
>
>I know that this is not a problem but I would like to know just for my
>information.
>
>Thanx
>Anand
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org