First your site file need to contains <Location "/status"> AuthName "Private Site" AuthType basic AuthUserFile /etc/apache2/htusers require valid-user </Location> And I've found that a force-reload doesn't always recognize this, you(I anyway) have to actually restart apache to get it to recognize this. On Fri, 2009-01-30 at 14:52 -0800, Kohne, Mike wrote: > I'm running apache 2.2.3 on an Ubuntu 8.04 server. The server is a > VMWare machine that I use for all my debugging. > > I have AuthType Basic directives inside <Directory > blocks in my site > config file. > Right now, I'm finding that no one is ever being asked for > username/password. Ever. > At first I thought it was just my browser being agressive in caching > credentials, but I've restarted browsers, installed new browsers, > changed passwords and even removed the passwd and groups files - I still > have no problems accessing the content. > > I even ran a wireshark trace of a transaction and I only saw the > original GET and the response. > > I tried removing the symlink from sites-enabled and I was no longer able > to access the content. Therefore, I conclude that apache IS reading the > site file. > > Obviously something is screwed up on my system, but I'm pretty sure this > config file hasn't changed in months (I looked in CVS), and I'm pretty > clear that it was working when last it was modified. > > > > Can anyone give me a clue as to what I'm doing wrong here? How the heck > do I debug this? I set LogLevel to debug in both this file and the > apache2.conf file, with nothing of interest showing up. > > > > > My site config file is in sites-available with a symlink from > sites-enabled. > /etc/apache2$ ls -al sites-available/ > -rwxr-xr-x 1 root root 2788 2009-01-30 16:59 cfn > > /etc/apache2$ ls -al sites-enabled/ > lrwxrwxrwx 1 root root 32 2009-01-30 17:28 cfn -> > /etc/apache2/sites-available/cfn > > > Here's the site config file: > > NameVirtualHost * > <VirtualHost *> > ServerAdmin webmaster@localhost > > DocumentRoot /var/www/html > > # Michael Kohne 2/26/08 > # For some reason, Options +Includes doesn't work if used > # inside a DirectoryMatch block, or a Directory block which > # uses regex to match the directory name. > # Thus, I've eliminated all DirectoryMatch blocks. > <Directory cfn/level_2> > AuthType Basic > AuthName "Gasboy CFN 4" > AuthUserFile /etc/opt/cfn/passwd > AuthGroupFile /etc/opt/cfn/groups > Require group level_2 > > Options +Includes Indexes MultiViews FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> > # NOTE: should be the same as cfn/level_2 > <Directory cfn/html> > AuthType Basic > AuthName "Gasboy CFN 4" > AuthUserFile /etc/opt/cfn/passwd > AuthGroupFile /etc/opt/cfn/groups > Require group level_2 > > Options +Includes Indexes MultiViews FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> > > <Directory cfn/level_6> > AuthType Basic > AuthName "Gasboy CFN 4" > AuthUserFile /etc/opt/cfn/passwd > AuthGroupFile /etc/opt/cfn/groups > Require group level_6 > > Options +Includes Indexes MultiViews FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> > > # should be same as cfn/level_6 > <Directory cfn/html/level_6> > AuthType Basic > AuthName "Gasboy CFN 4" > AuthUserFile /etc/opt/cfn/passwd > AuthGroupFile /etc/opt/cfn/groups > Require group level_6 > > Options +Includes Indexes MultiViews FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> > > ScriptLog logs/cgi_log > ScriptAlias /cgi-bin/ /var/www/cgi-bin/ > <Directory "/var/www/cgi-bin/"> > AllowOverride None > Options ExecCGI -MultiViews +SymLinksIfOwnerMatch > FollowSymLinks > Order allow,deny > Allow from all > </Directory> > > ErrorLog /var/log/apache2/error.log > > # Possible values include: debug, info, notice, warn, error, > crit, > # alert, emerg. > LogLevel debug > > CustomLog /var/log/apache2/access.log combined > ServerSignature On > > </VirtualHost> > > > > > > > > apache2 -V output: > Server version: Apache/2.2.3 > Server built: Feb 4 2008 20:19:27 > Server's Module Magic Number: 20051115:3 > Server loaded: APR 1.2.7, APR-Util 1.2.7 > Compiled using: APR 1.2.7, APR-Util 1.2.7 > Architecture: 32-bit > Server MPM: Prefork > threaded: no > forked: yes (variable process count) > Server compiled with.... > -D APACHE_MPM_DIR="server/mpm/prefork" > -D APR_HAS_SENDFILE > -D APR_HAS_MMAP > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > -D APR_USE_SYSVSEM_SERIALIZE > -D APR_USE_PTHREAD_SERIALIZE > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > -D APR_HAS_OTHER_CHILD > -D AP_HAVE_RELIABLE_PIPED_LOGS > -D DYNAMIC_MODULE_LIMIT=128 > -D HTTPD_ROOT="" > -D SUEXEC_BIN="/usr/lib/apache2/suexec" > -D DEFAULT_PIDLOG="/var/run/apache2.pid" > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock" > -D DEFAULT_ERRORLOG="logs/error_log" > -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types" > -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf" > > > Thanks! > > Michael Kohne > Gilbarco Veeder-Root > Mike.Kohne@xxxxxxxxxxxx > > > Please be advised that this email may contain confidential information. > If you are not the intended recipient, please do not read, copy or > re-transmit this email. If you have received this email in error, > please notify us by email by replying to the sender and by telephone > (call us collect at +1 202-828-0850) and delete this message and any > attachments. Thank you in advance for your cooperation and assistance. > > In addition, Danaher and its subsidiaries disclaim that the content of > this email constitutes an offer to enter into, or the acceptance of, > any > contract or agreement or any amendment thereto; provided that the > foregoing disclaimer does not invalidate the binding effect of any > digital or other electronic reproduction of a manual signature that is > included in any attachment to this email. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|