RE: [users@httpd] repeated authentication requests

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> -----Original Message-----
> From: Barham, David [mailto:barhamd@xxxxxxx]

> Alias /tmp/barhamd "/tmp/barhamd/"

What is the point of this directive?
Is /tmp/barhamd/ the full path to a directory?


> My /var/log/httpd/access_log shows
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:33 +0000] "GET 
> /tmp/barhamd/ HTTP/1
> .1" 200 769 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 
> NT 5.1; SV1; .NET CL
> R 1.1.4322)"
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:33 +0000] "GET 
> /tmp/barhamd/2.jpg H
> TTP/1.1" 401 476 "http://cbrlux13/tmp/barhamd/"; "Mozilla/4.0 

I don't understand your URLs... http://cbrlux13/tmp/barhamd/ implies that you have Docroot set to "/" - is that so?

Also, why do you get a 200 on the first hit to GET /tmp/barhamd/ ? You should get a 401 here so the browser prompts for credentials.

Restart  the browser and try again.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> (compatible; MSIE 6
> .0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:33 +0000] "GET 
> /tmp/barhamd/1.jpg H
> TTP/1.1" 200 1043 "http://cbrlux13/tmp/barhamd/"; "Mozilla/4.0 
> (compatible; MSIE
> 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:33 +0000] "GET 
> /tmp/barhamd/3.jpg H
> TTP/1.1" 200 1316 "http://cbrlux13/tmp/barhamd/"; "Mozilla/4.0 
> (compatible; MSIE
> 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:33 +0000] "GET 
> /tmp/barhamd/4.jpg H
> TTP/1.1" 200 1248 "http://cbrlux13/tmp/barhamd/"; "Mozilla/4.0 
> (compatible; MSIE
> 
> And after re-entering my username/password ---
> 
> 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
> 134.244.154.125 - barhamd [08/Nov/2005:09:36:36 +0000] "GET 
> /tmp/barhamd/2.jpg H
> TTP/1.1" 200 1339 "http://cbrlux13/tmp/barhamd/"; "Mozilla/4.0 
> (compatible; MSIE
> 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
> 
> The html for index.html is 
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
> <HTML>
> <HEAD>
> <TITLE>Home Page</TITLE>
> </HEAD>
> 
> <P>
> <CENTER>
> <TABLE BORDER=0 CELLSPACING=4 CELLPADDING=2>
> <TR ALIGN=left>
>         <TD><A HREF="one.htm"><IMG BORDER=0 SRC="1.jpg"></A></TD>
> </TR>
> <TR ALIGN=left>
>         <TD><A HREF="two.htm"><IMG BORDER=0 SRC="2.jpg"></A></TD>
> </TR>
> <TR ALIGN=left>
>         <TD><A HREF="three.htm"><IMG BORDER=0 SRC="3.jpg"></A></TD>
> </TR>
> <TR ALIGN=left>
>         <TD><A HREF="four.htm"><IMG BORDER=0 SRC="4.jpg"></A></TD>
> </TR>
> </TABLE>
> </CENTER>
> 
> </BODY>
> </HTML>
> 
> 
> Sorry page is not public so can't allow access.
> 
> Thanks
> David Barham
> 
> -----Original Message-----
> From: Boyle Owen [mailto:Owen.Boyle@xxxxxxx] 
> Sent: 08 November 2005 07:38
> To: users@xxxxxxxxxxxxxxxx
> Subject: RE: [users@httpd] repeated authentication requests
> 
> Plain text please...
> 
> First, what does "...from a windows AD" mean? Are you 
> accessing the page via apache or locally via the filesystem?
> 
> Regarding the problem;
> - how is your protected realm configured? (don't post the 
> whole config - just the relevant section)
> - do you have more than one realm?
> - what is the path to the images (are they in the same dir 
> are the page or a separate image dir)?
> - is the image dir also a protected realm?
> - are there any redirect rules in force?
> 
> Confusing behaviour like this can arise if you happen to nest 
> realms (eg, /dir1 is a realm and then you configure 
> /dir1/subdir as a realm also) or if you redirect resources 
> from one realm to another parallel realm.
> 
> Is the page on the public internet? Can we have a look?
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> -----Original Message-----
> From: Barham, David [mailto:barhamd@xxxxxxx]
> Sent: Montag, 7. November 2005 19:08
> To: users@xxxxxxxxxxxxxxxx
> Subject: [users@httpd] repeated authentication requests
> 
> 
> I'm running Apache 2.0.52 on RHEL 2 (EM64T)
> I've installed mod_auth_pam and have got the user 
> authentication working correctly from a windows AD.
> However, I'm finding that I'm getting asked to 
> re-authenticate multiple times.
>  
> In a simple example I might get a page index.html with 
> multiple images. The index.html downloads but then the next 
> entry in the httpd log is a 401 for image1.gif. My browser 
> prompts (again) for username/password but even while it is 
> waiting for a response I see GETs for image2.gif, image3.gif etc.
>  
> If I cancel the username/password dialog box and then refresh 
> the browser I get the gif which was missing the first time 
> around but this time get the 401 on a different image. It 
> seems to always be the second GET which causes this.
>  
> Has anyone seen this?
>  
> Thanks
> David Barham
> 
> Diese E-mail ist eine private und persönliche Kommunikation. 
> Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der 
> SWX Gruppe. This e-mail is of a private and personal nature. 
> It is not related to the exchange or business activities of 
> the SWX Group. Le présent e-mail est un message privé et 
> personnel, sans rapport avec l'activité boursière du Groupe SWX.
>  
>  
> This message is for the named person's use only. It may 
> contain confidential, proprietary or legally privileged 
> information. No confidentiality or privilege is waived or 
> lost by any mistransmission. If you receive this message in 
> error, please notify the sender urgently and then immediately 
> delete the message and any copies of it from your system. 
> Please also immediately destroy any hardcopies of the 
> message. You must not, directly or indirectly, use, disclose, 
> distribute, print, or copy any part of this message if you 
> are not the intended recipient. The sender's company reserves 
> the right to monitor all e-mail communications through their 
> networks. Any views expressed in this message are those of 
> the individual sender, except where the message states 
> otherwise and the sender is authorised to state them to be 
> the views of the sender's company.
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux