You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ben Yau <by...@cardcommerce.com> on 2004/01/03 01:02:22 UTC
[users@httpd] IT GETS WEIRDER!!! RE: [users@httpd] Apache/Redhat Simple AuthType Basic not working :( help please
Tom !! I'm not alone in the world!
Okay, so the old admin had a habit of doing a lot of copying and pasting.
In doing so of the 9 authnames there were only 2 unique ones . So Iwent in
and made each authname unique. Then I went to a server were the auth was
working and the authname on the dialog box WAS NOT EVEN ONE DEFINED IN THE
HTTPD.CONF!!
I created "hello world" test.html files just to ensure that it was loading
the HTML from the machine i though it should be. and it was . However, the
authname that came up was not in the httpd.conf file for the apache server
running on that machine.
So anyone seen THAT before ?
echo "hello world from youthfocusfund" > /home/www/yff/test.html
echo "hello world from auto-rebates.com" >
/home/www/reports.auto-rebates.com/test.html
# grep -i "authname" httpd.conf
AuthName SSLStaging1
AuthName SSLStaging2
AuthName testing3
AuthName "Escrip Staging1"
AuthName "Escrip Staging2"
AuthName SSLStaging4
AuthName YOUTHFOCUSFUND
AuthName SSLStaging5
AuthName REPORTSAUTOREBATE
# apachectl stop
# apachectl start
(just to be sure)
load up www.youthfocusfund.com/test.html
asks for user/password and the authname says "SSLStaging" (??) . I type in
my user pass and it loads up the proper test.html page. (how is my
user/pass even working ? Or how is that authname getting in there?)
load up www.reports.auto-rebates.com/test.html
loads up, no questoins asked.
Further, just to make sure.
# grep -i documentroot httpd.conf
all the docroots are in /home/www. Just to make sure there are no stray
.htaccess flie (or any other access file)
# cd /home/www
# find . -type f -print | xargs grep -i authname 2> /dev/null
All the authnames which come up are not SSLStaging
agggghhh
thanks for your help so far guys :) I think this one may be beyond me .
I'm asking the legacy admin right now and he's just as puzzled.
ben y
> -----Original Message-----
> From: Tom Holmes Jr. [mailto:tom@tomholmes.net]
> Sent: Friday, January 02, 2004 3:59 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache/Redhat Simple AuthType Basic not
> working :( help please
>
>
> Yep, same issue I am having ... we are both using 2.0.48 and everything I
> setup is the same as what you did. I went to a slightly older version of
> Apache on another machine, and set the configuration up the same
> way and it
> worked.
>
> I am also taking shots in the dark and restarting Apache everytime. I
> wonder how many other people are having the same problem? At least I feel
> better that I am not alone in this.
>
> Thanks.
> Tom
>
> p.s. If I get it working, I'll let you know.
>
> ----- Original Message -----
> From: "Ben Yau" <by...@cardcommerce.com>
> To: <us...@httpd.apache.org>
> Sent: Friday, January 02, 2004 5:06 PM
> Subject: [users@httpd] Apache/Redhat Simple AuthType Basic not working :(
> help please
>
>
> > Hi all.
> >
> > Happy New Year everybody.
> >
> > I'm really having problems with this and I can't figure it out.
> >
> > The problem is that apache seems to be ignoring any of the
> authentication
> > setup i've put in for a new virtual host. The pages are freely
> available
> to
> > anyone who goes to the URL. The error logs and access logs
> reflect this.
> > No errors, and access entries show regular web page serving.
> >
> > I went through the tutorial
> (http://httpd.apache.org/docs/howto/auth.html)
> > and the apache manual (html version downlaoded to my computer) just to
> make
> > sure I wasn't missing anything and still having problems. I'm sure I've
> > overlooked something obvious so hopefully someone can help me out. (at
> least
> > I'm hoping it's something obvious that i've overlooked)
> >
> > We're running Redhat 8.x, Apache2.0.48.
> >
> > The httpd.conf file is quite convoluted (legacy, and this is
> where I think
> > i'm overlooking something). There are several virtualhost
> entries and the
> > problem I'm having is wiht a new Virtualhost for accessing reports of
> > webstats for a specific site.
> >
> > There is an AllowOverride None in the main config area (before all the
> > Virtual hosts directives) in a <Directory /> directive . From what I
> > remember and what I read in one of the tutorials or manuals that means
> that
> > the .htaccess file is completely ignored which is why I'm doing
> everything
> > in the VirtualHost directive to be safe. (is this correct?)
> >
> > Here is my Virtualhost entry:
> > <VirtualHost 10.253.32.174:80>
> >
> > ServerName reports.auto-rebates.com
> > ServerAdmin webmaster@cardcommerce.com
> > DocumentRoot /home/www/reports.auto-rebates.com
> > DirectoryIndex index.html
> > Alias /awstatsjs "/usr/local/awstats/wwwroot/js/"
> > Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/"
> > Alias /awstatscss "/usr/local/awstats/wwwroot/css"
> > Alias /awstatsicons "/usr/local/awstats/wwwroot/icon"
> > <Directory />
> > AuthType Basic
> > AuthName "ReportsAutoRebates"
> > AuthUserFile /home/www/reports.auto-rebates.com/.rarpasswd
> > Require valid-user
> > </Directory>
> > </VirtualHost>
> >
> > I've also tried
> >
> > Require user byau
> >
> > as well (my test username) with no luck.
> > I created the password file using
> >
> > # htpasswd -c /home/www/reports.auto-rebates.com/.rarpasswd byau
> >
> > I've stopped and restarted the server every time I've changed anything.
> > I've also stopped and restarted my browser (IE on WinXP) and
> deleted temp
> > browser files in case I was already auth for that dir and for
> that reason
> > was skipping future auth. Also accessed the pages using lynx
> on localhost
> > and still no auth required. There are no errors. only entries in access
> > just like normal web page serving
> >
> > It's worth mentioning that there is a virtual host that uses
> /home/www as
> > its documentroot that has its own auth configs. These do work
> by the way.
> > When I close/repoen browser and attepmt to go to the reports website in
> > /home/www/reports.auto-rebates.com, there is no auth asked for
> at all so
> I
> > don't think it is that I have already somehow been validated into
> /home/www
> > and am now being validated into
> /home/www/reports.auto-rebates.com. Is it
> > possible that configurations for /home/www i affecting configs for
> > /home/www/reports.auto-rebates.com even though they are in different
> > <Virtualhost> directives?
> >
> > Here is the first <Virtualhost> entry:
> > <VirtualHost 10.253.32.174:80>
> >
> > ServerName www.escrip.com
> > CauchoConfigFile /usr/local/resin/conf/escrip.conf
> > Serveradmin webadmin@rmsys.net
> > DirectoryIndex index.html index.htm index.jsp index.HTM /error/404.html
> > ScriptAlias /cgi-bin/ /home/www/escripinc_pub/cgi-bin/
> > Alias /dev/ /home/www/dev/escripinc_pub/
> > DocumentRoot /home/www/escripinc_pub/
> >
> >
> > <Directory />
> >
> > AuthType Basic
> > AuthName "Escrip Staging"
> > AuthUserFile /home/www/.esipasswd
> > AuthGroupFile /dev/null
> > Require valid-user
> >
> > </Directory>
> > </Virtualhost>
> >
> >
> > And here is the config stuff before the first <Virtualhost>. I took out
> all
> > the things that didn' tlook relevant (like Add* and BrowserMatch* and
> things
> > like that)
> >
> > User nobody
> > Group nobody
> > ServerAdmin webmaster@cardcommerce.com
> > ServerName tarpon.internal.cci
> > UseCanonicalName Off
> > DocumentRoot "/usr/local/apache2.0.48/htdocs"
> > <Directory />
> > Options FollowSymLinks
> > AllowOverride None
> > </Directory>
> > AccessFileName .htaccess
> > <Files ~ "^\.ht">
> > Order allow,deny
> > Deny from all
> > </Files>
> > TypesConfig conf/mime.types
> > DefaultType text/plain
> > <IfModule mod_mime_magic.c>
> > MIMEMagicFile conf/magic
> > </IfModule>
> > HostnameLookups Off
> >
> >
> >
> >
> > Thanks anybody for any ideas on where I can look. At this
> point I'm just
> > trying random things out to see if anything works. I realize there are
> > other issues to solve (such as not putting the AuthUserFile in
> same dir as
> > DocumentRoot). That's the legacy they are using on the test server that
> > I'll talk to him about later. All I need to do right now is
> just get the
> > username/password working for this virtual host.
> >
> > Thanks!
> > Cheers!
> > Ben
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP
> Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] backout works : re: Apache/Redhat Simple AuthType Basic not working :( help please
Posted by Ben Yau <by...@cardcommerce.com>.
Tom.
Thanks for the tip. We recentlyupgraded to 2.0.48. I downgraded to 2.0.45
(prevoius versoin) and it works now.
Also, the authname on the dialog box is a valid one defined in the
httpd.conf file. The identical httpd.conf file in the 2.0.48 apache
1) did not auth for reports.auto-rebate.com
2) did auth for youthfocusfund.com but with an authname that wasn't in
httpd.conf
go figure :/
Thanks for your help! And for tolerating my crazinesss!
ben y
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org