I realize that wasn't a very complete response A) replace "/status" with your location/directory. B) the Tag can be <Location> for any mapping to that url, or <Directory> if it is a static directory on your server. C) this is assuming you have a centralized user/pass file at /etc/apache2/htusers D) if not, you need to create .htaccess, and .htpasswd files in the directories you want to authenticate. On Fri, 2009-01-30 at 16:20 -0700, Sheldon Ross wrote: > First your site file need to contains > > <Location "/status"> > AuthName "Private Site" > AuthType basic > AuthUserFile /etc/apache2/htusers > require valid-user > </Location> > > And I've found that a force-reload doesn't always recognize this, you(I > anyway) have to actually restart apache to get it to recognize this. > > > On Fri, 2009-01-30 at 14:52 -0800, Kohne, Mike wrote: > > I'm running apache 2.2.3 on an Ubuntu 8.04 server. The server is a > > VMWare machine that I use for all my debugging. > > > > I have AuthType Basic directives inside <Directory > blocks in my site > > config file. > > Right now, I'm finding that no one is ever being asked for > > username/password. Ever. > > At first I thought it was just my browser being agressive in caching > > credentials, but I've restarted browsers, installed new browsers, > > changed passwords and even removed the passwd and groups files - I still > > have no problems accessing the content. > > > > I even ran a wireshark trace of a transaction and I only saw the > > original GET and the response. > > > > I tried removing the symlink from sites-enabled and I was no longer able > > to access the content. Therefore, I conclude that apache IS reading the > > site file. > > > > Obviously something is screwed up on my system, but I'm pretty sure this > > config file hasn't changed in months (I looked in CVS), and I'm pretty > > clear that it was working when last it was modified. > > > > > > > > Can anyone give me a clue as to what I'm doing wrong here? How the heck > > do I debug this? I set LogLevel to debug in both this file and the > > apache2.conf file, with nothing of interest showing up. > > > > > > > > > > My site config file is in sites-available with a symlink from > > sites-enabled. > > /etc/apache2$ ls -al sites-available/ > > -rwxr-xr-x 1 root root 2788 2009-01-30 16:59 cfn > > > > /etc/apache2$ ls -al sites-enabled/ > > lrwxrwxrwx 1 root root 32 2009-01-30 17:28 cfn -> > > /etc/apache2/sites-available/cfn > > > > > > Here's the site config file: > > > > NameVirtualHost * > > <VirtualHost *> > > ServerAdmin webmaster@localhost > > > > DocumentRoot /var/www/html > > > > # Michael Kohne 2/26/08 > > # For some reason, Options +Includes doesn't work if used > > # inside a DirectoryMatch block, or a Directory block which > > # uses regex to match the directory name. > > # Thus, I've eliminated all DirectoryMatch blocks. > > <Directory cfn/level_2> > > AuthType Basic > > AuthName "Gasboy CFN 4" > > AuthUserFile /etc/opt/cfn/passwd > > AuthGroupFile /etc/opt/cfn/groups > > Require group level_2 > > > > Options +Includes Indexes MultiViews FollowSymLinks > > AllowOverride None > > Order allow,deny > > Allow from all > > </Directory> > > # NOTE: should be the same as cfn/level_2 > > <Directory cfn/html> > > AuthType Basic > > AuthName "Gasboy CFN 4" > > AuthUserFile /etc/opt/cfn/passwd > > AuthGroupFile /etc/opt/cfn/groups > > Require group level_2 > > > > Options +Includes Indexes MultiViews FollowSymLinks > > AllowOverride None > > Order allow,deny > > Allow from all > > </Directory> > > > > <Directory cfn/level_6> > > AuthType Basic > > AuthName "Gasboy CFN 4" > > AuthUserFile /etc/opt/cfn/passwd > > AuthGroupFile /etc/opt/cfn/groups > > Require group level_6 > > > > Options +Includes Indexes MultiViews FollowSymLinks > > AllowOverride None > > Order allow,deny > > Allow from all > > </Directory> > > > > # should be same as cfn/level_6 > > <Directory cfn/html/level_6> > > AuthType Basic > > AuthName "Gasboy CFN 4" > > AuthUserFile /etc/opt/cfn/passwd > > AuthGroupFile /etc/opt/cfn/groups > > Require group level_6 > > > > Options +Includes Indexes MultiViews FollowSymLinks > > AllowOverride None > > Order allow,deny > > Allow from all > > </Directory> > > > > ScriptLog logs/cgi_log > > ScriptAlias /cgi-bin/ /var/www/cgi-bin/ > > <Directory "/var/www/cgi-bin/"> > > AllowOverride None > > Options ExecCGI -MultiViews +SymLinksIfOwnerMatch > > FollowSymLinks > > Order allow,deny > > Allow from all > > </Directory> > > > > ErrorLog /var/log/apache2/error.log > > > > # Possible values include: debug, info, notice, warn, error, > > crit, > > # alert, emerg. > > LogLevel debug > > > > CustomLog /var/log/apache2/access.log combined > > ServerSignature On > > > > </VirtualHost> > > > > > > > > > > > > > > > > apache2 -V output: > > Server version: Apache/2.2.3 > > Server built: Feb 4 2008 20:19:27 > > Server's Module Magic Number: 20051115:3 > > Server loaded: APR 1.2.7, APR-Util 1.2.7 > > Compiled using: APR 1.2.7, APR-Util 1.2.7 > > Architecture: 32-bit > > Server MPM: Prefork > > threaded: no > > forked: yes (variable process count) > > Server compiled with.... > > -D APACHE_MPM_DIR="server/mpm/prefork" > > -D APR_HAS_SENDFILE > > -D APR_HAS_MMAP > > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > > -D APR_USE_SYSVSEM_SERIALIZE > > -D APR_USE_PTHREAD_SERIALIZE > > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > > -D APR_HAS_OTHER_CHILD > > -D AP_HAVE_RELIABLE_PIPED_LOGS > > -D DYNAMIC_MODULE_LIMIT=128 > > -D HTTPD_ROOT="" > > -D SUEXEC_BIN="/usr/lib/apache2/suexec" > > -D DEFAULT_PIDLOG="/var/run/apache2.pid" > > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > > -D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock" > > -D DEFAULT_ERRORLOG="logs/error_log" > > -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types" > > -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf" > > > > > > Thanks! > > > > Michael Kohne > > Gilbarco Veeder-Root > > Mike.Kohne@xxxxxxxxxxxx > > > > > > Please be advised that this email may contain confidential information. > > If you are not the intended recipient, please do not read, copy or > > re-transmit this email. If you have received this email in error, > > please notify us by email by replying to the sender and by telephone > > (call us collect at +1 202-828-0850) and delete this message and any > > attachments. Thank you in advance for your cooperation and assistance. > > > > In addition, Danaher and its subsidiaries disclaim that the content of > > this email constitutes an offer to enter into, or the acceptance of, > > any > > contract or agreement or any amendment thereto; provided that the > > foregoing disclaimer does not invalidate the binding effect of any > > digital or other electronic reproduction of a manual signature that is > > included in any attachment to this email. > > > > --------------------------------------------------------------------- > > The official User-To-User support forum of the Apache HTTP Server Project. > > See <URL:http://httpd.apache.org/userslist.html> for more info. > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|