Re: apache authentication

Sat, 22 Mar 2003 08:47:22 -0800

Joseph A Nagy Jr wrote:
Ernst-Magne Vindal wrote:

Hi
I'm trying to set up a site under my main site with auth, but can get it
working.
What I have done is:
htpasswd -c /usr/local/apache/passwd/passwords username


Okay

chown root.nogroup /usr/local/apache/passwd/passwords


I create the file as root and leave it's ownership status alone.

chmod 640 /usr/local/apache/passwd/passwords


I also don't chmod any differently then the default.


I have also tried with the password file named .htpasswd, but the result is the same.


I don't use .htaccess as it causes apache to take a performance hit (read the apache manual for more about that)


and for the access file:
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /usr/local/apache/passwd/passwords
Require user username



<Directory "/www/mc-luug/cgi-bin/awstats/">
 AuthType  Basic
 AuthName  "AW Stats"
 AuthUserFile  /etc/apache/passwords/awstats
 Require  valid-user
</Directory>

Works consistantly.


I have almost the same config for users home dir, and thats working
fine. The only difference is that I use "Require valid-user" insted of
the config above.

Can anyone pls help?


Trash the pw file, create a new one, leave it alone, then just use Require valid-user

If need be, keep a seperate pw file for the "By invite Only" and your other protected dir.


I'm running debain 2.4.20 and apache 1.3.27-0.1

/ernst





OK, now we are getting somewhere, thanks to Joseph

In the users home dir I have a .htaccess file, I didn't do anything with that on.

But for 'sites og pages' under /var/www/ I removed the .htaccess file and put the config in httpd.conf instead, and it worked like charm:)

Everything under /www is owned by www-data, but if I change the rights with chmod 600, wich also was suggested, i didn't get access at all.

But...
If I want more sites/pages under /www to have authentication, how to do that? Can I do:

<Directory "/var/www/na">
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /usr/local/apache/passwd/.htpasswd
Require valid-user
</directory>
<Directory "/var/www/test">
AuthType Basic
AuthName "Test site"
AuthUserFile /usr/local/apache/passwd/.htpasswd
Require valid-user
</directory>

Many thanks for help

--
/ernst


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to