RE: [users@httpd] R: [users@httpd] Authentication realms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for the message. That certainly sounds plausible to me.
 
I've temporarily worked around the problem by placing a .htaccess file in the directories with *.wmv files, and putting "Satisfy Any" and "Allow from all" statements in them. Pretty much defeats the purpose of the access control, but at least I can be reasonably assured that users were authenticated in a superior directory anyway.
 
There must be an answer to this somewhere, if I only knew where to look. If your message does indeed describe the reason why this is happening, I'm curious why MS wouldn't allow for authentication credentials to be passed from the originating browser session to the new session - particularly as it's a case of IE firing up Windows Media Player.


From: Chris Ayoub [mailto:chris.ayoub@xxxxxxxxxxxx]
Sent: January 3, 2006 10:11 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] R: [users@httpd] Authentication realms

I'm kind of jumping into the middle of this thread since I have just subscribed recently, but I believe that if an external media player is launched by clicking on the file, then that application will start a different session with the server and cause re-authentication since it is technically a new client... not sure if that helps at all, but I've seen this before so I thought I would throw it in.

Dave Beach wrote:
Interesting. Right-clicking and saving the file from the browser works. A
left-click to open it directly doesn't. Hmm.

-----Original Message-----
From: Sebastian Gil [mailto:sgil@xxxxxxxxxxx]
Sent: January 3, 2006 9:41 AM
To: users@xxxxxxxxxxxxxxxx
Subject: [users@httpd] R: [users@httpd] Authentication realms

Is this happening when you download the file or when you try to open it
directly from the browser? Maybe it's a problem with the media player plugin


-----Messaggio originale-----
Da: Dave Beach [mailto:drbeach@xxxxxxxxxx]
Inviato: martedì 3 gennaio 2006 15.34
A: users@xxxxxxxxxxxxxxxx
Oggetto: RE: [users@httpd] Authentication realms

Thanks for the reply. I've been through the FAQ again, and don't see where
URL space is relevant (although I'm sure that's a deficiency in my
understanding).

Consider www.foo.com (hypothetically - I've just realized that's actually a
real site), and that /usr/local/apache2/htdocs is set as AuthName "bar" in
httpd.conf. Everything behaves perfectly as expected, except a link to
/usr/local/apache2/htdocs/foobar/foobar.wmv causes a re-prompt for
authentication credentials. In the client popup, the user is advised that a
password is required for www.foo.com. The link that causes this is from
/usr/local/apache2/htdocs/index.htm, and merely points to
"foobar/foobar.wmv". For every other link and file on the server,
authentication seems to be working exactly the way I would have expected.
For example, a link that points to "foobar/picture.jpg" does not cause an
authentication re-prompt.

I realize I'm repeating myself here, but I'm trying to illustrate that I'm
not sure how this is a URL space issue. I've re-looked at the FAQ again, and
made two changes - I set UseCanonicalName to off in httpd.conf, and I added
an .htaccess file in /usr/local/apache2/htdocs/foobar that simply repeats
"AuthName "bar"".

Still no joy.

I appreciate your patience; perhaps a slightly more detailed pointer would
nudge me in the right direction.



-----Original Message-----
From: Nick Kew [mailto:nick@xxxxxxxxxxxx]
Sent: January 3, 2006 2:24 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] Authentication realms

On Monday 02 January 2006 22:57, Dave Beach wrote:
  
Hi list!

I'm having a small problem. I have basic authentication set up (httpd
v2.2.0), and it works as I would expect - except that when a user
requests a Windows Media file (wmv) from a subordinate page, the
client browser prompts again for the user's credentials.
    

That's the browser doing the prompting.  Which means the *browser* sees the
wmv file as not being within the already-authenticated area.

You need to sort out your URL space.  The internal organisation of Apache
(thngs like directories) is not relevant (except indirectly, when it affects
URL space).

There's a FAQ entry that might be relevant to you.

--
Nick Kew

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




  
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux