LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-02-2005, 11:46 AM   #1
Dillius
Member
 
Registered: Jan 2004
Location: Georgia
Distribution: Debian Etch
Posts: 99

Rep: Reputation: 15
Apache Authentication problem...


I've been working on setting up authetntication for an apache server I am running on my mandrdake 10.1 box, mainly to be used as a fileserver for my friends and I an dpossibly just a news site for people I know that are out of town. THe current problem is that I attempted to set up Digest authentication on the server so that people who were just trying out random IP addresses along the school's network wouldn't be able to just find our stuff and begin downloading. I currently have the directory Alias's I wish to have protected given this:

AuthType Digest
AuthName "Invite only access"
AuthDigestFile /etc/httpd/.htpasswd/users
require valid-user

I have checked and I believe the file for the user names and passwords to be correct, even though I was unsure as to what they wanted for a "realm"

The problem so far is that, even though it is properly blocking the directories, at no point does as popup box come up asking for a name or password. I'm sure it's probably some simply line of code that I don't know about, but after reading through an oreilly book for a bit, seraching this site and googling around, I still have been unable to find any kind of complete guide to how to go about doing this.

Any kind of help figuring this out would be appreciated.
 
Old 03-02-2005, 11:56 AM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
I am curious why you are using "Digest" access instead of "basic" (the more-or-less norm for password protected directories with apache)
 
Old 03-02-2005, 01:14 PM   #3
Dillius
Member
 
Registered: Jan 2004
Location: Georgia
Distribution: Debian Etch
Posts: 99

Original Poster
Rep: Reputation: 15
Well it was my understanding that Basic was completely unencrypted, and from the looks of things it did not appear that configuring digest was any more complicated. I had planend on hopefully expanding this site one way or another, so I was going to simply go with an encrypted password system.

Besides, my school is absolutely full of nerds like me. I wouldn't put it past some of them to know some tricks.

Is it really a problem that it's digest instead of basic?

EDIT: And I just tried it as basic instead of digest, and still no go. Still no request for my name and password.

Last edited by Dillius; 03-02-2005 at 01:20 PM.
 
Old 03-02-2005, 01:43 PM   #4
NoStop
Member
 
Registered: Feb 2005
Location: Canada
Distribution: Debian Etch - Enlightenment E17
Posts: 116

Rep: Reputation: 15
Basic is not unencrypted. You need to setup a password file that holds encrypted passwords outside of any web accessible directory. Assuming you're using Apache 2.0 you can find the docs here ...

http://httpd.apache.org/docs-2.0/mod/core.html

3/4 of the way down the page you'll see the info on basic with this sample code:

AuthType Basic
AuthName "Restricted Resource"
AuthUserFile /web/users
AuthGroupFile /web/groups
Require group admin

Apache says this is the preferred method over using .htaccess

There are links in that section that tell you how to setup groups, users and passwords.

HTH

Cheers
 
Old 03-02-2005, 01:50 PM   #5
Dillius
Member
 
Registered: Jan 2004
Location: Georgia
Distribution: Debian Etch
Posts: 99

Original Poster
Rep: Reputation: 15
I already have done all of this, and there is no pop up box. I have added that code, and all that happens when I try to go to that link is that it deny's me access and never gives me the option to enter a name and password.
 
Old 03-02-2005, 03:09 PM   #6
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
Do you get a 403 or 500?

Also, is apache allowing overrides from .htaccess files?

Also, a .htpasswd directory could be problematic, though I am not sure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
apache authentication problem handu Linux - Software 3 11-10-2005 06:13 PM
Apache Authentication Problem sbrewer Linux - Software 1 08-23-2004 02:24 PM
Apache (httpd) 2.0 conf authentication problem HELP!!! bleah-man Linux - Software 14 08-18-2003 10:04 AM
apache 1.3.27, basic authentication problem Robert0380 Linux - Software 6 06-08-2003 10:51 PM
Apache Authentication AgentRn007 Linux - Software 2 03-27-2003 07:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration