Files and DirectoryIndex conflict?

Knute Johnson <apache@xxxxxxxxxxxxxxxx> · Sat, 28 May 2011 11:51:21 -0700

I'm having a problem using the Files directive to require authentication 

on the index.html file.  It doesn't work if it is requested with the 

index URL but does if the URL specifies the file directly.  I can't 

believe that I'm the only person ever to try to do this but maybe I am.

So if I request http://localhost/ I get the following error and NO user 

name/password dialog.

401 Authorization Required

Authorization Required

This server could not verify that you are authorized to access the 

document requested. Either you supplied the wrong credentials (e.g., bad 

password), or your browser doesn't understand how to supply the 

credentials required.

But if I request http://localhost/index.html I get the Authentication 

Required dialog and can enter the user name and password and then 

receive the file.

I've tested this with FireFox and Chrome.  I'm running Ubuntu 10.10 and 

apache 2.2.16.

Here is the access log from the first request

127.0.0.1 - - [28/May/2011:11:31:16 -0700] "GET / HTTP/1.1" 401 618 "-" 

"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110422 

Ubuntu/10.10 (maverick) Firefox/3.6.17"

and the access log from the second request

127.0.0.1 - knute [28/May/2011:11:30:12 -0700] "GET /index.html 

HTTP/1.1" 200 485 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; 

rv:1.9.2.17) Gecko/20110422 Ubuntu/10.10 (maverick) Firefox/3.6.17"

The error.log is empty.

Here is the virtual host configuration file

<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
        # added for testing
        # any files require group any membership
<Files index.html>
        AuthType Basic
        AuthName "ARCLA Lookers"
        AuthUserFile /usr/local/apache/passwords/arcla.pwd
        AuthGroupFile /usr/local/apache/passwords/groups
        Require group lookers players honchos
</Files>
        # this file requires group membership
        <Files status-update.html>
            AuthType Basic
            AuthName "ARCLA Players"
            AuthUserFile /usr/local/apache/passwords/arcla.pwd
            AuthGroupFile /usr/local/apache/passwords/groups
            Require group players honchos
        </Files>
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
        # added for testing
        <Files printenv.pl>
            AuthType Basic
            AuthName "test"
            AuthUserFile /usr/local/apache/passwords/arcla.pwd
            AuthGroupFile /usr/local/apache/passwords/groups
            Require group honchos
        </Files>
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

The DirectoryIndex directive is in dir.conf

<IfModule mod_dir.c>

          DirectoryIndex index.html index.cgi index.pl index.php 

index.xhtml index.htm

</IfModule>

Thanks,

--

Knute Johnson

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx