Re: htaccess with SSL

Fri, 16 Jul 1999 00:00:42 -0700 

Remove +FakeBasicAuth option.
YOu can't use Basic Authentication and sinmple cert based client
authentication (what +FakeBasicAuth does) together since the
latter overrides the former mechanism. 

Jim Tay schrieb:
> 
> Hi,
> 
> I have mod_ssl-2.3.5.-1.3.6 running on apache-1.3.6 with openSSL-0.9.3a
> (all the latest stuff as far as I'm aware) running on RedHat 5.2
> 
> I have a discussion board that I'm trying to enable user-authentication
> on, but I can't seem to get my SSL-enabled web site to recognize my
> .htaccess files.  I have created the same discussion site with the same
> .htaccess files in a non-SSL part of my web site and it works;  a popup
> window prompts the user for name and password when they try to access
> the discussion board.  When I access the discussion board on the
> SSL-enabled site, it just goes straight into the site without the popup
> appearing.
> 
> Here's my .htaccess file:
> --------------
> AuthUserFile /home/.htpasswd
> AuthGroupFile /home/.htgroup
> AuthName "Restricted Forum"
> AuthType Basic
> require group it-team
> --------------
> 
> Here's my httpd.conf file (only the uncommented SSL stuff):
> --------------
> <IfDefine SSL>
> <VirtualHost _default_:443>
> 
> SSLEngine on
> SSLCertificateFile    /etc/httpd/conf/ssl.crt/ursa.cer
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/ursa.key
> 
> SSLOptions +FakeBasicAuth
> 
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> CustomLog /etc/httpd/logs/ssl_request_log \
>           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> 
> </VirtualHost>
> 
> </IfDefine>
> --------------
> 
> I thought using the FakeBasicAuth option would do it, but it's not
> working.  Do I need to use the SSLRequire directive?  It seemed too
> complicated for a newbie like me to tackle.
> 
> I've looked through the manual and searched the mailing list but I
> haven't been able to find a solution that works for me.  Do you have any
> ideas?
> 
> Thanks!
> Jim Tay
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> User Support Mailing List                      [EMAIL PROTECTED]
> Automated List Manager                            [EMAIL PROTECTED]

-- 
Holger Reif                  Tel.: +49 361 74707-0
SmartRing GmbH               Fax.: +49 361 7470720
Europaplatz 5             [EMAIL PROTECTED]
D-99091 Erfurt                    WWW.SmartRing.de
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to