Authentication problems 2005-01-14 - By Leif W
> Alan Lloyd [Hosting Reserve]; 2005 January 14 Friday 05:40
>
> I am having a few problems with authentication. No matter what I do I
> can not set up a password protected directorys.
With all the information provided, there is definitly some pieces
missing.
A few things in the httpd.conf file look odd at the very end.
LoadModule suexec_module modules/mod_suexec.so
Include /etc/httpd/conf/httpd.include
AddType text/html .shtml
First of all, what are the contents of the httpd.include file? Every
time you include external config files, you must think of it all in
terms of one big file with everything included recursively (i.e. if that
httpd.include file includes yet another something.conf, a scenario I use
regularly), because that is how it will appear to Apache.
Second, it seems odd to have this stray LoadModule at the end. I am not
sure if there is still some importance for the order of module loading.
In any case, it is usually much more helpful when debugging in the
future, if all your LoadModules are in a central location, or
assosciated with specific conf files and IfModule or IfDefine
conditions. Same for the AddType. It's easier to keep track of
everything when you group them. It's your choice though.
Ok, about the error logs, you post one error log, but it may or may not
even be the RIGHT error log. That would appear to be the main server
error log. It indicates that you have multiple bogus or otherwise
misconfigured SSL certificates. I would fix that first to rule out any
problems if you're trying to do the basic auth over SSL/TLS. This may
not be critical, as the errors seem to be about Common Name mismatches,
which usually only cause browser notifications. But when you have
multiple non-critical errors working together, funky things might happen
with no clear culprit. But that's just my opinion to resolve them
though.
Does that httpd.include file define VirtualHosts, specifically one for
tor-bay.co.uk? Does it have it's own error and access logs? You need
to post the relevent bits from the relevant log files.
Most importantly, where is the stuff you're trying to put into .htaccess
files or Directory blocks? Just saying "it doesn't work" is useless if
you don't say what "it" you're trying to do and what "it" the server is
having a problem with.
And finally, there is absolutely no guarantee that one .htpasswd file
will work with another server. I've used Apache 2, same exact version,
to generate htpasswd files on Win32 with MD5 and Linux with crypt, and
the two do not always work correctly on each server. Try using
natively-generated .htpasswd file with test username and password, to
rule that out as a possible problem. Though this is NOT where your
problem is currently. The symptom of this problem is that you get an
auth pop up dialog (which you don't even have yet), you give the correct
username and password, and Apache tells you it's bad. First you need to
fix the pop up problem, which I think might be caused by a broken
.htaccess config.
Leif
> I have tried using .htaccess, a directory container in the conf file
> even tried using plesk (plesk does it automatically in the conf file).
>
> When I set everything up all I get is a 401 error. There is no pop-up
> login box. So no chance to even enter a passwd.
>
> Other directives in .htaccess files seem to work ok. Just not
> authentication!
>
> I do get some errors in the logs but nothing I understand! (see below)
>
> The server is only a week only RH9 running
> httpd 2.0.40-21.17.legacy
> php 4.3.10-1.rh90.art
> mod_python 3.0.1-4
> mod_perl 1.99_07-5
> perl-Apache-ASP 2.57-rh9.build75041216.14
>
> I am not that hot on *nix stuff and this has really got me stumped.
> The syntax of the .htaccess files are correct as they work when moved
> to other servers (with path changes obviously)
>
> I have posted a copy of my conf file here if anyone wants to take a
> look
> http://tor-bay.co.uk/httpd_conf.txt
>
> Here is the error log (not live)
> http://tor-bay.co.uk/error_log.txt
>
> The directory I am trying to protect is
> http://tor-bay.co.uk/admin/
>
> The server php info page can be seen here if needed
> http://hosting-reserve.co.uk/info.php
>
> There are no errors logged (debug) when accessing the page that should
> be protected except 404 (error page not found) in the domain log.
> Server log shows errors when I restart apache (see end of log file for
> latest restart)
>
> I have googled for the past two days with no luck. Hope someone has
> some ideas. I did check with the plesk support team but they assure me
> it can not be a plesk problem as plesk does not change or interfere
> with apache in any way. The did suggest it may be a permissions
> problem but they look correct.
>
> When you look at the httpd_conf.txt file you will see some of the
> modules have been commented out. That was me, they were all live. I
> have just been trying to comment things out to see if that helps.
>
> I don't have much of a clue about re-compiling programs etc on RH9 so
> please keep it simple for me if you do have any ideas :)
>
> Thanks in advance
> Alan
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@(protected)
> " from the digest: users-digest-unsubscribe@(protected)
> For additional commands, e-mail: users-help@(protected)
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@(protected)
" from the digest: users-digest-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)
|
|
