Weird interaction between Authentication and ErrorDocument directives

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

  Okay, I found what appears to be a rather odd bug, or at least a very odd
interaction between multiple paths through Apache.  I'm running
Apache/2.0.52 (stock install for CentOS 4.4).  Here's the configuration for
the site in question:

<VirtualHost 66.252.224.242:80>
  ServerName	boston.conman.org
  ServerAdmin	sean@xxxxxxxxxx
  DocumentRoot	/home/spc/web/sites/boston.conman.org/htdocs
  ScriptAlias	/cgi-bin/ /home/spc/web/sites/boston.conman.org/cgi-bin/
  CustomLog	/home/spc/web/logs/boston.conman.org combined

  RewriteLog	/tmp/rewrite.log
  RewriteLogLevel	9

  ErrorDocument	400	/boston.cgi/errors/400.html?status=400
  ErrorDocument	401	/boston.cgi/errors/401.html?status=401
  ErrorDocument	402	/boston.cgi/errors/402.html?status=402
  ErrorDocument	403	/boston.cgi/errors/403.html?status=403
  ErrorDocument	404	/boston.cgi/errors/404.html?status=404
  ErrorDocument	405	/boston.cgi/errors/405.html?status=405
  ErrorDocument	406	/boston.cgi/errors/406.html?status=406
  ErrorDocument	407	/boston.cgi/errors/407.html?status=407
  ErrorDocument	408	/boston.cgi/errors/408.html?status=408
  ErrorDocument	409	/boston.cgi/errors/409.html?status=409
  ErrorDocument	410	/boston.cgi/errors/410.html?status=410
  ErrorDocument	411	/boston.cgi/errors/411.html?status=411
  ErrorDocument	412	/boston.cgi/errors/412.html?status=412
  ErrorDocument	413	/boston.cgi/errors/413.html?status=413
  ErrorDocument	414	/boston.cgi/errors/414.html?status=414
  ErrorDocument	415	/boston.cgi/errors/415.html?status=415
  ErrorDocument	416	/boston.cgi/errors/416.html?status=416
  ErrorDocument	417	/boston.cgi/errors/417.html?status=417
  ErrorDocument	500	/boston.cgi/errors/500.html?status=500
  ErrorDocument	501	/boston.cgi/errors/501.html?status=501
  ErrorDocument	502	/boston.cgi/errors/502.html?status=502
  ErrorDocument	503	/boston.cgi/errors/503.html?status=503
  ErrorDocument	504	/boston.cgi/errors/504.html?status=504
  ErrorDocument	505	/boston.cgi/errors/505.html?status=505

  <Directory /home/spc/web/sites/boston.conman.org/htdocs>
    Options		All
    AllowOverride	None

    AuthType		Basic
    AuthName		"Boston Diaries Editor"
    AuthUserFile	/home/spc/web/sites/boston.conman.org/users
    AuthGroupFile	/home/spc/web/sites/boston.conman.org/groups

    <LimitExcept HEAD GET>
      Require		valid-user
    </LimitExcept>

    RewriteEngine	on
    RewriteBase		/

    RewriteRule		^([0-9][0-9])(.*)	boston.cgi/$1$2 [L]
    RewriteRule		^parallel/$		parallel.cgi [L]
    RewriteRule		^parallel/(.*)		parallel.cgi/$1 [L]

    RewriteRule     ^archive/$              boston.cgi/archive/index.html [L]
    RewriteRule     ^about/$                boston.cgi/about/index.html [L]
    RewriteRule     ^about/(.*)             boston.cgi/about/$1 [L]
    RewriteRule     ^refs/$                 boston.cgi/refs/index.html [L]
    RewriteRule     ^refs/(.*)              boston.cgi/refs/$1 [L]

    RewriteRule     ^addentry.html$         boston.cgi?cmd=new [L]

    Redirect permanent      /bdstyle.css            http://boston.conman.org/CSS/screen.css
    Redirect permanent      /bd.rss                 http://boston.conman.org/bostondiaries.rss
    Redirect permanent      /bostondiaries.rss_     http://boston.conman.org/bostondiaries.rss
    Redirect permanent      /CSS/april.css          http://boston.conman.org/CSS/april-2004.css

    Redirect gone		/doi.cgi
    Redirect gone		/notify.cgi
    Redirect gone		/test
    Redirect gone		/play

  </Directory>

  <Directory "/home/spc/web/sites/boston.conman.org/htdocs/foobar">
    Options		All
    AllowOverride	None

    AuthType		Basic
    AuthName		"Boston Diaries Editor"
    AuthUserFile	/home/spc/web/sites/boston.conman.org/users
    AuthGroupFile	/home/spc/web/sites/boston.conman.org/groups
    Require		valid-user
  </Directory>

  <Location "/addentry.html">
    AuthType		Basic
    AuthName		"Boston Diaries Editor"
    AuthUserFile	/home/spc/web/sites/boston.conman.org/users
    AuthGroupFile	/home/spc/web/sites/boston.conman.org/groups

    Require		valid-user
  </Location>

</VirtualHost>

  As you can see, a lot gets funnelled through boston.cgi.  After about four
hours of debugging, I finally found my problem:  if I comment out the
ErrorDocument directives, the authentication directives all work.  Uncomment
the ErrorDocument directives, and all I get when I try to access

	http://boston.conman.org/addentry.html

 is a 400 response (not a 401, or a 404, but a plain 400).  Nothing shows up
in the error_log.  The rewrite log shows a whole lot of nothing:

X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^([0-9][0-9])(.*)' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^parallel/$' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^parallel/(.*)' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^archive/$' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^about/$' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^about/(.*)' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^refs/$' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^refs/(.*)' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] add path info postfix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi -> /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] strip per-dir prefix: /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi/errors/401.html -> boston.cgi/errors/401.html
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (3) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] applying pattern '^addentry.html$' to uri 'boston.cgi/errors/401.html'
X.X.X.X - - [28/Feb/2008:03:41:56 --0500] [boston.conman.org/sid#87f6de8][rid#88d25f8/initial/redir#1] (1) [per-dir /home/spc/web/sites/boston.conman.org/htdocs/] pass through /home/spc/web/sites/boston.conman.org/htdocs/boston.cgi

(and so on and so on and so on)

Have I, in fact, found a bug?  I'd rather *not* upgrade (as CentOS is still
using 2.0.52 and I'd have to do this from source, which is something I'm a
bit relunctant to do).  

  -spc



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux