[NTLUG:Discuss] No login challenge
Paul Ingendorf
pauldy at wantek.net
Wed Dec 31 02:32:10 CST 2003
Something I've been dealing with all day today is that apache doesn't seem
to like to play nice if permissions are not explicitly assigned to a
directory.
make sure you don't have any stray .acl files laying around clogging up the
works.
Apache.conf check this
<Directory />
Options +All +Multiviews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/cgi-bin>
AllowOverride All
Options All MultiViews +Indexes
AddHandler cgi-script cgi pl
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
</Directory>
as for your .htaccess file go with something simple first like
AuthType Basic
AuthName "Restricted Site"
AuthUserFile /var/www/SitePsw/password
Require valid-user
Drop the contents of this .htaccess file in your root directory and see if
it works if it does
You may also want to make sure mod_perl is disabled until you get a handle
on this.
This should be enough to at least get it working right.
You can test this by doing the following.
telnet yourip 80 # wait for the connection
GET /yourfile HTTP/1.1
Host: yourwebhost
You should receive something along the lines of the following:
HTTP/1.1 401 Authorization Required
Date: Wed, 31 Dec 2003 08:20:37 GMT
Server: Apache/2.0.40 (Unix) (Red-Hat/Linux) PHP/4.3.4 mod_ssl/2.8.7
OpenSSL/0.9.7g DAV/1.0.2.
X-Powered-By: PHP/4.3.4
WWW-authenticate: basic realm="Restricted Site"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
The first and fifth lines are important these are the two lines that
browsers look at. Many however only trigger the password dialogue when they
receive the WWW-authenticate header.
HTTP/1.1 401 Authorization Required
WWW-authenticate: basic realm="Restricted Site"
More information about the Discuss
mailing list