On Thu, 12 May 2005, Richard Crawford wrote: > I'm trying to implement Basic authentication for my user directory on my > server, but it's bombing on me. When I go to the protected site, I'm > prompted for a username and password as expected; however, the user is not > authenticated even if they put in the proper username and password. > > I'm using Apache 2.0.52 on Fedora Core 3. SELinux is enabled, but the > security context for the relevant directories has been set properly using the > chcon command. > > The official Apache documentation at > http://httpd.apache.org/docs-2.0/howto/auth.html offers no advice for my > situation, neither do any of my Apache books, so I'm obviously missing > something very basic. > > Here's the user_dir portion of my httpd.conf file: > > ======================================================= > <IfModule mod_userdir.c> > UserDir enable richard jenipurr > UserDir public_html > </IfModule> > > <Directory /home/*/public_html> > AllowOverride All > </Directory> > ======================================================= > > And here's the contents of /home/richard/public_html/.htaccess in the > directory: > > > ======================================================= > AuthType Basic > AuthName "Secret Stories" > AuthUserFile /home/richard/.passwords > > require valid-user > > ======================================================= > > The permissions on both .htaccess and .passwords are set to 644, so Apache > should be able to read them. I've confirmed -- several times -- that > the .passwords file exists in the location I've indicated in .htaccess. And > I've used htpasswd to create the username and password several times. > > What is going on and how do I fix it? > > > I'm guessing that 'nobody' doesn't have privileges to get to '/home/richard'? Like 0755 on both /home and /home/richard? -- Craig Dunigan IS Technical Services Specialist (I don't know what it means, either) Middleware - Enterprise Info Systems - Department of Info Technology University of Wisconsin, Madison opinions expressed are my own, not the University's --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|