Just a quick update... after configuring and reconfiguring Apache to no
avail, I took the easy way out (hated to do it)... I downgraded to 0.15, and
the problem is gone. It definitely must be something in the new ASP
authentication routines that is causing Apache to hiccup on it's own
authentication......
If I get some free time in the next few days, I'll mess with 0.16 a bit more
to see if I can figure out exactly what is causing it and why... in the
meantime, if you need any input (or a tester), let me know...
Jeremy Domingue
[EMAIL PROTECTED]
----- Original Message -----
From: "Joshua Chamas" <[EMAIL PROTECTED]>
To: "Jeremy Domingue" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, October 07, 1999 8:03 PM
Subject: Re: Apache::ASP & Apache Authentication?
Its doesn't make any sense to me either. If
you give me a small configuration which reproduces
the problem, I can try to recreate the bug on my
system, which may get us somewhere.
--Joshua
_________________________________________________________________
Joshua Chamas Chamas Enterprises Inc.
NODEWORKS >> free web link monitoring Huntington Beach, CA USA
http://www.nodeworks.com 1-562-683-2142
Jeremy Domingue wrote:
>
> Hey all,
>
> I just upgraded to Apache::ASP 0.16 last night and I've run into an
> interesting problem. This only started happening after the upgrade so I'm
> assuming that it's something that was changed in Apache::ASP.
>
> For some reason, when I have the <Files> directive enabled (so that
> Apache::ASP will run), it seems to cause Apache to stop requesting
> authentication information from a client when that client requests a
> document (or directory) that is protected by the
> AuthName/AuthUserFile/AuthGroupFile directives. As soon as I remove the
> <Files> directive, it works like normal.
>
> This doesn't really make sense to me.... considering the <Files> directive
> only looks at *.asp files, why would it be effecting security on other
> files? Is this a bug in Apache, mod_perl, or Apache::ASP? Has anyone run
> into this before?
>
> Another interesting thing is that it doesn't affect any virtual hosts...
it
> only affects the main web server.
>
> I've tried changing various options, and also tried the <FilesMatch>
> directive instead of <Files>, but I always run into the same thing... the
> only way I can get Apache to request the authentication information is if
I
> remove the <Files> and/or <FilesMatch> directive from the root .htaccess
> file.
>
> I am running Apache 1.3.9, mod_perl 1.21, and Apache::ASP 0.16.
>
> Any input, suggestions, or ideas would be greatly appreciated!
>
> TIA!
>
> Jeremy Domingue
> [EMAIL PROTECTED]
