Apache Authentication 101

Robert Meyer meyer_rm at yahoo.com
Fri Aug 22 18:32:45 EDT 2003 

Typically, the 'Authtype' and 'AuthName' go in the '.htaccess' file in the
directory that you want to protect.  Then you make a '.htpasswd' file to put
the passwords in.

The '.htaccess' file usually looks like:
AuthType basic
AuthUserFile .htpasswd
AuthGroupFile .htgroup
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

In your <Directory> section, make sure that you have at least:
AllowOverride All

That might make things work...

Cheers!

Bob
--- "Charles H. Root, III" <chazroot at accountsolutionsgroup.com> wrote:
> Hey Gang,
> 
> I'm trying to password protect a directory on a webserver running RedHat 8
> and Apache 2.0.40. If you want to take a look, the site info is:
> 
> URL:		http://athome.accountsolutionsgroup.com
> Username:	athome
> Password:	nosoup4u
> 
> If you've looked, you know why I'm writing... It doesn't ever authenticate,
> it just asks you login over and over and over again.
> 
> This is a virtual host. Here is it's entry in httpd.conf:
> 
> 	# Virtual host athome.accountsolutionsgroup.com
> 	<VirtualHost 172.28.1.25>
>  		DocumentRoot /var/www/html/athome
> 	 	ErrorLog logs/athome_error_log
>  		ServerAdmin admin at accountsolutionsgroup.com
> 	 	ServerName athome.accountsolutionsgroup.com
>  		TransferLog logs/athome_access_log
> 		DirectoryIndex splash.htm
>  		TransferLog logs/athome_access_log
> 	 	ErrorLog logs/athome_error_log
> 
> 	</VirtualHost>
> 
> Since you are prompted to enter a password, I assume that the "How-To's"
> based changes I've made to httpd.conf are working at some level. Here are
> those additions:
> 
> 	<Directory "/var/www/html/athome">
> 		AuthType Basic
> 		AuthName "Authorized Users Only"
>       	AuthUserFile /usr/local/apache/passwd/passwords
> 	      Require User athome
> 	</Directory>
> 
> As root, I set the username and password by executing:
> 
> 	htpasswd -c /usr/local/apache/passwd/passwords athome
> 
> The path and file, /usr/local/apache/passwd/passwords, are valid.
> 
> I'm sure that I'm missing something really simple. Any suggestions greatly
> appreciated!
> 
> Oh yeah... Does anyone on the NFLUG list lunch at Natalie's or Cobti's?
> There's a guy I've seen on several occasions with long hair/ponytail who is
> sporting a Tux baseball cap and Sharp Zaurus. If you're ever at Natalie's
> try the veggie Kibbe sandwhich.... It's a new addition to the menu and quite
> tasty!
> 
> Thanks!
> 
> chaz
> 
> Charles H. Root, III
> Network Operations and Security Manager
> 
> Account Solutions Group
> 205 Bryant Woods South
> Amherst, NY  14228-3608
> 
> v: 716-564-4991
> f: 716-564-4440
> 
> www.accountsolutionsgroup.com
> 
> This communication may contain privileged and/or confidential information. It
> is intended solely for the use of the addressee. If you are not the intended
> recipient, you are strictly prohibited from disclosing, copying, distributing
> or using any of this information. If you receive this communication in error,
> please contact the sender immediately and destroy the material in its
> entirety, whether electronic or hard copy. This communication may contain
> nonpublic personal information about consumers subject to the restrictions of
> the Gramm-Leach-Bliley Act.  You may not directly or indirectly reuse or
> redisclose such information for any purpose other than to provide the
> services for which you are receiving the information.
> ormation.


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

More information about the nflug mailing list