You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Paul Cocker <pa...@tntpost.co.uk> on 2008/06/04 18:06:03 UTC
[users@httpd] Setting up password authentication
I want to setup digest password authentication as a light deterrent
around a development site (i.e. nothing sensitive, just not ready for
public consumption).
I added the following to httpd.conf:
<Directory "/var/www/html/dev">
AuthType Digest
AuthName "Development Area - Authorised Access Only!"
AuthUserFile /usr/local/apache2/passwd/digest
Require user username
Order Deny,Allow
Deny from all
Allow from {ipaddress}
</Directory>
<VirtualHost *:80>
ServerAdmin administrator@domain.co.uk
ServerName dev.domain.co.uk
DocumentRoot /var/www/html/dev
</VirtualHost>
I then created a password file:
htdigest -c /usr/local/apache2/passwd/digest realm username
Finally I restarted apache:
apachectl graceful
A few issues:
1. I don't know what the significance of realm is, nor have I been able
to find out.
2. Attempts to connect to this site get the username and password box,
but all produce an Error 500 page, regardless of whether the correct
credentials are entered or not. No files exist within /var/www/html/dev
because I simply wished to test authentication.
Everything looks okay as best as I can tell, but as this is my first
crack at this sort of thing I'm hoping for some guidance.
Paul Cocker
Systems Infrastructure Support Administrator
TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897),TNT Post North Ltd (05701709) and TNT Post South West Ltd (05983401). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Setting up password authentication
Posted by Res <re...@ausics.net>.
On Thu, 5 Jun 2008, André Warnier wrote:
> Is it really an error 500 you are getting ?
> That does not sound right (500 means "server error", like a script crashing,
> not an authentication/authorization error, which would be in the 4xx range).
> Check the error log to see what error really happens.
>
500 can be produced if authentication config is wrong,
500 = 'internal server error' which covers many aspects
--
Cheers
Res
I read usenet and lists in pine. But m$ outlook, thunderbird and gmail
often use html span/whatever for quotes, makes it hard to tell who said
what, so I dont try. If I ignore you, thats why! Use a compliant mailer.
Re: [users@httpd] Setting up password authentication
Posted by André Warnier <aw...@ice-sa.com>.
Res wrote:
> On Wed, 4 Jun 2008, Paul Cocker wrote:
>
>> I want to setup digest password authentication as a light deterrent
>> around a development site (i.e. nothing sensitive, just not ready for
>> public consumption).
>>
[...]
>
>> but all produce an Error 500 page, regardless of whether the correct
>> credentials are entered or not. No files exist within /var/www/html/dev
>> because I simply wished to test authentication.
Is it really an error 500 you are getting ?
That does not sound right (500 means "server error", like a script
crashing, not an authentication/authorization error, which would be in
the 4xx range). Check the error log to see what error really happens.
André
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Setting up password authentication
Posted by Paul Cocker <pa...@tntpost.co.uk>.
Thanks, I've got it working now, satisfy any did the trick.
Paul Cocker
Systems Infrastructure Support Administrator
-----Original Message-----
From: Res [mailto:res@ausics.net]
Sent: 04 June 2008 23:04
To: users@httpd.apache.org
Subject: Re: [users@httpd] Setting up password authentication
On Wed, 4 Jun 2008, Paul Cocker wrote:
> I want to setup digest password authentication as a light deterrent
> around a development site (i.e. nothing sensitive, just not ready for
> public consumption).
>
> I added the following to httpd.conf:
>
> <Directory "/var/www/html/dev">
> AuthType Digest
> AuthName "Development Area - Authorised Access Only!"
> AuthUserFile /usr/local/apache2/passwd/digest
> Require user username
> Order Deny,Allow
> Deny from all
> Allow from {ipaddress}
---> Satisfy any
> </Directory>
>
> <VirtualHost *:80>
> ServerAdmin administrator@domain.co.uk
> ServerName dev.domain.co.uk
> DocumentRoot /var/www/html/dev
> </VirtualHost>
keep it simple and put your directory container inside the virtualhost
block
> 1. I don't know what the significance of realm is, nor have I been
> able to find out.
its the name fo your realm that the username will belong to
>
> 2. Attempts to connect to this site get the username and password box,
as earlier, insert the satisfy option
> but all produce an Error 500 page, regardless of whether the correct
> credentials are entered or not. No files exist within
> /var/www/html/dev because I simply wished to test authentication.
Check you have the authconfig option? in your directory container add in
AllowOverride AuthConfig ... its possible your global config
parameters are denying this. Also whislt your testing do something like
echo "it works" > /var/www/html/dev/index.html its not your problem but
will help verify you can read the dir once you do login.
--
Cheers
Res
I read usenet and lists in pine. But m$ outlook, thunderbird and gmail
often use html span/whatever for quotes, makes it hard to tell who said
what, so I dont try. If I ignore you, thats why! Use a compliant mailer.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897),TNT Post North Ltd (05701709) and TNT Post South West Ltd (05983401). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Setting up password authentication
Posted by Res <re...@ausics.net>.
On Wed, 4 Jun 2008, Paul Cocker wrote:
> I want to setup digest password authentication as a light deterrent
> around a development site (i.e. nothing sensitive, just not ready for
> public consumption).
>
> I added the following to httpd.conf:
>
> <Directory "/var/www/html/dev">
> AuthType Digest
> AuthName "Development Area - Authorised Access Only!"
> AuthUserFile /usr/local/apache2/passwd/digest
> Require user username
> Order Deny,Allow
> Deny from all
> Allow from {ipaddress}
---> Satisfy any
> </Directory>
>
> <VirtualHost *:80>
> ServerAdmin administrator@domain.co.uk
> ServerName dev.domain.co.uk
> DocumentRoot /var/www/html/dev
> </VirtualHost>
keep it simple and put your directory container inside the virtualhost
block
> 1. I don't know what the significance of realm is, nor have I been able
> to find out.
its the name fo your realm that the username will belong to
>
> 2. Attempts to connect to this site get the username and password box,
as earlier, insert the satisfy option
> but all produce an Error 500 page, regardless of whether the correct
> credentials are entered or not. No files exist within /var/www/html/dev
> because I simply wished to test authentication.
Check you have the authconfig option? in your directory container add in
AllowOverride AuthConfig ... its possible your global config
parameters are denying this. Also whislt your testing do something like
echo "it works" > /var/www/html/dev/index.html
its not your problem but will help verify you can read the dir once you do
login.
--
Cheers
Res
I read usenet and lists in pine. But m$ outlook, thunderbird and gmail
often use html span/whatever for quotes, makes it hard to tell who said
what, so I dont try. If I ignore you, thats why! Use a compliant mailer.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org