Apache sends 401 Response with IE but works with Firefox
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Hello,
I have an Apache 2.2 running on a Fedora Linux distribution. It has worked fine so far until I've recently deployed a simple Ruby-on-rails application with Passenger module. I created a VirtualHost (port based) for the Ruby application. I also do a simple authentication and redirection for unauthenticated access in Ruby code.
The problem: I can access the links fine from Firefox. Without being authenticated, when I access a restricted page I get redirected to the login page (as expected). However, when I use Internet Explorer (tried both 6 and 7) I get a Basic Authentication pop-up. And no matter what I enter for username/password, I always get "HTTP Basic: Access denied." error message. I figured that the requests sent form Firefox and Internet Explorer differ at the "Accept:" request header.
Firefox sends:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Internet Explorer sends:
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, */*
In addition, when I intercept the request with a proxy and change the Accept header content to */* in IE, it works fine (no basic auth prompt). This leads me to believe that there's something fishy about Apache not liking the long Accept header. The total request header is about 1800 bytes so this can not be related to header length restrictions.
I have a section that requires basic authentication but even if I disable it (comment it out entirely and restart the server) I still get the same result, so I guess it doesn't have anything to do with it.
Here's the VirtualHost configuration of the httpd.conf file:
<VirtualHost *:8080>
DocumentRoot /opt/abc/public/
ErrorLog /opt/abc/log/apache_error.log
CustomLog /opt/abc/log/apache_access.log common
<Directory /opt/abc/public>
AllowOverride None
Options Indexes FollowSymLinks
Satisfy All
Allow from all
</Directory>
</VirtualHost>
I am lost and confused at the moment. Any ideas or assistance is greatly appreciated.
Thanks
QM
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]