On 05/16/2011 09:05 AM, Tom Evans wrote:
On Fri, May 13, 2011 at 3:57 PM, Knute Johnson<apache@xxxxxxxxxxxxxxxx> wrote:<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all # added for testing # any files require group any membership <Files index.html> AuthType Basic AuthName "ARCLA Lookers" AuthUserFile /usr/local/apache/passwords/arcla.pwd AuthGroupFile /usr/local/apache/passwords/groups Require group lookers players honchos </Files> # this file requires group membership <Files status-update.html> AuthType Basic AuthName "ARCLA Players" AuthUserFile /usr/local/apache/passwords/arcla.pwd AuthGroupFile /usr/local/apache/passwords/groups Require group players honchos </Files> </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all # added for testing <Files printenv.pl> AuthType Basic AuthName "test" AuthUserFile /usr/local/apache/passwords/arcla.pwd AuthGroupFile /usr/local/apache/passwords/groups Require group honchos </Files> </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> Log when requesting http:/localhost/ 127.0.0.1 - - [13/May/2011:07:53:54 -0700] "GET / HTTP/1.1" 401 618 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17" 127.0.0.1 - - [13/May/2011:07:53:54 -0700] "GET /favicon.ico HTTP/1.1" 404 500 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17" 127.0.0.1 - - Log when requesting http:/localhost/index.html 127.0.0.1 - - [13/May/2011:07:56:23 -0700] "GET /index.html HTTP/1.1" 401 665 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17" 127.0.0.1 - knute [13/May/2011:07:56:26 -0700] "GET /index.html HTTP/1.1" 200 484 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17" Thanks,Sorry, I think I misunderstood your problem. Let me re-state it, so that we can agree on that :) OP is trying to require basic authentication for /index.html. When requested directly, it works as expected - UA is prompted for auth, and Apache responds correctly. When requested as part of DirectoryIndex lookup, UA does not prompt for auth, and simply returns a 401 response. What is confusing me is that the UA should prompt for auth on receiving a 401 response, and then resubmit the request with basic auth tokens. If you start with a completely clean browser (it can be hard to clear basic auth credentials from a browser), do you have different behaviour when requesting '/'? Cheers Tom
We agree on the problem and on what we thought should happen. I do restart the browser for every test. I have tested it with Firefox and Chrome, same result.
Just to reiterate, I'm testing this on Ubuntu Linux 10.10 and apache 2.2.16 (Ubuntu). The only changes I've made to the configuration files are what I've posted.
I've googled around but I can't find anything similar. It's hard to believe that I'm the only one that's ever tried this :-).
Thanks, -- Knute Johnson --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|