Re: Problem With Password Protection in Apache 2.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Joshua Slive wrote:


- Require directive is limited to GET requests. So you don't mind if
people without a password access the content via POST requests?

I just did a cut and paste from an example from some documentation.


Throw away that documentation. It's over a decade out of date. Try here instead:
http://httpd.apache.org/docs/2.2/howto/auth.html


See below.


At this point this is the least of my problems, especially since the
content does not require high security. Once I get the password
protection issue solved then I'll add POST too.


No. You'll solve it by removing the <Limit > and </Limit> altogether.


That didn't make a difference, but I took them out
anyway.

Your advice above about throwing away old documentation is a good one.
I'll make sure I'm only looking at documentation for Apache 2.2 since,
as I've learned, a lot has changed even since version 2.0.


My best guess at your problem is that you are missing one of the
required modules to do auth. As the above docs suggest, you'll need at
least mod_auth_basic, mod_authn_file, and mod_authz_user.


Bingo. That was it. I now have the following:

------------------
LoadModule authz_host_module libexec/mod_authz_host.so
LoadModule auth_basic_module libexec/mod_auth_basic.so
LoadModule authn_file_module libexec/mod_authn_file.so
LoadModule authz_user_module libexec/mod_authz_user.so
------------------

and that does the trick.

So, to summarize, the above modules, plus the below directives
work:

------------------
<Directory /users/chemweb/apache2/http-cchem/htdocs/admittedstudent>
    AuthType Basic
    AuthName "Restricted Files"
    AuthUserFile /users/chemweb/apache2/http-cchem/htdocs/admittedstudent/.htpasswd
    Require user gsportal AdmittedStudent
</Directory>
------------------

Thanks to everyone, especially Joshua Slive, for their help.

Cordially,

--
Jon Forrest
Unix Computing Support
College of Chemistry
173 Tan Hall
University of California Berkeley
Berkeley, CA
94720-1460
510-643-1032
jlforrest@xxxxxxxxxxxx

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux