Hi there --
I am running the LogAnalyzer application on an Ubuntu 10.04 distribution with the Apache 2.2.14 server. My plan is to have both the application's internal authentication and the .htaccess file set up for acess control. I placed the .htaccess file in the directory that contains the webpage in question. The name of the page is index.php, and it is located in the /var/www/logs directory. I confirmed the /etc/apache2/apache2.conf file has the following entry within it:
AccessFileName .htaccess
The text of the .htaccess file is shown below:
AuthName "Log Server Access"
AuthType Basic
AuthUserFile
/etc/apache2/htpasswd.users
require valid-user
I then ran the htpasswd command to create a user account with its password.
After I completed the above steps, I restarted the computer, and brought up a connection to the server. I was not prompted for a password, so the next step that I took was to add the following to the apache2.conf file:
<Directory /var/www/logs>
AllowOverride AuthConfig
order allow,deny
allow from all
</Directory>
When I restarted the computer, and tried to access the page in question, I was confronted with a 500 Internal Server Error message.
The setup that I used is normally meant for authentication to html pages, while the target page is php-based although I did not think that made a difference. I did install the pacakge php-auth-pam that is available with Ubuntu, but I am not sure how to configure it.
Is the first method that I mentioned the correct way to set up authenication, and if so what am I missing there? If the php-auth-pam package is the way to go, how do I configure it?
Thanks.
|