On 8/15/06, lists@xxxxxxxxx <lists@xxxxxxxxx> wrote:
Hello,
I have a virtual host and I'd like to require basic auth for a directory and
everything under it. The following works, goodUser can login and access
everythin in www.foo.com/private and all directories below:
<VirtualHost *:80>
DocumentRoot /www/foo.com/htdocs
ServerName www.foo.com
<Directory /www/foo.com/htdocs/private>
#SSLRequireSSL
AuthType Basic
AuthName "private"
AuthUserFile conf/auth/passwd
AuthGroupFile conf/auth/group
Require user goodUser
</Directory>
</VirtualHost>
However I also want te require an ssl connection. When I uncomment
SSLRequireSSL, I can browse to www.foo.com/private over ssl WITHOUT any
password, and I cannot access anything in the subdirectories and no error is
written into the log.
What am I missing here?
Your <Directory> section is inside a <VirtualHost> that applies only to non-ssl connections. It has no effect whatsoever on ssl connections. Start by putting that <Directory> section outside any <VirtualHost>. (Although your symptoms suggest you might also have other problems with your ssl vhost.) Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|