On 8/15/06, lists@xxxxxxxxx <lists@xxxxxxxxx> wrote:
Hello, I have a virtual host and I'd like to require basic auth for a directory and everything under it. The following works, goodUser can login and access everythin in www.foo.com/private and all directories below: <VirtualHost *:80> DocumentRoot /www/foo.com/htdocs ServerName www.foo.com <Directory /www/foo.com/htdocs/private> #SSLRequireSSL AuthType Basic AuthName "private" AuthUserFile conf/auth/passwd AuthGroupFile conf/auth/group Require user goodUser </Directory> </VirtualHost> However I also want te require an ssl connection. When I uncomment SSLRequireSSL, I can browse to www.foo.com/private over ssl WITHOUT any password, and I cannot access anything in the subdirectories and no error is written into the log. What am I missing here?
Your <Directory> section is inside a <VirtualHost> that applies only to non-ssl connections. It has no effect whatsoever on ssl connections. Start by putting that <Directory> section outside any <VirtualHost>. (Although your symptoms suggest you might also have other problems with your ssl vhost.) Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx