You need put password directives in proxy balancer:
<Proxy balancer://mongrel_cluster>
BalancerMember http://127.0.0.1:8000
BalancerMember http://127.0.0.1:8001
BalancerMember http://127.0.0.1:8002
AuthType Basic
AuthName "Restricted"
AuthBasicProvider file
AuthUserFile /www/mysite/users/userdb
Require valid-user
</Proxy>
Regards
Sean Brown escribió:
A question about mongrel, apache and authentication.
I've got a Rails site with I think a very typical setup: a mongrel
cluster behind an Apache proxy. So Apache's handling the static stuff
and it hands off dynamic content to mongrel. I want to put the site
temporarily behind Apache's basic authentication. What I get when I
do this is that is a password prompt which prevents all of the images,
stylesheets and other static files from being loaded unless
authenication passes, but anything mongrel handles is not.
Specifically, a user can just keep hitting "Cancel" at the
browser-generated password prompt and he/she will see that rails
generated content without ever entering any credentials. No styling
and no images, but they do see content. How can I fix it? Mongrel
does not seem to be honoring the authentication (and frankly, I don't
know if it can). Here's my apache config:
<VirtualHost *:80>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /www/mysite/current/public
ServerName www.mysite.com
ErrorLog /www/mysite/logs/mysite.error.log
CustomLog /www/mysite/logs/mysite.access.log combined
<Directory "/www/mysite/current/public">
Options FollowSymLinks
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
AuthType Basic
AuthName "Restricted"
AuthBasicProvider file
AuthUserFile /www/mysite/users/userdb
Require valid-user
</Directory>
RewriteEngine On
# Check for maintenance file and redirect all requests
# ( this is for use with Capistrano's disable_web task )
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
# Rewrite index to check for static
RewriteRule ^/$ /index.html [QSA]
# Rewrite to check for Rails cached page
RewriteRule ^([^.]+)$ $1.html [QSA]
# Redirect all non-static requests to cluster
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://mongrel_cluster%{REQUEST_URI} [P,QSA,L]
# Deflate
AddOutputFilterByType DEFLATE text/html text/plain text/css
# ... text/xml application/xml application/xhtml+xml text/javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
<Proxy balancer://mongrel_cluster>
BalancerMember http://127.0.0.1:8000
BalancerMember http://127.0.0.1:8001
BalancerMember http://127.0.0.1:8002
</Proxy>
</VirtualHost>
_______________________________________________
Mongrel-users mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/mongrel-users
--
Rafael Garcia Ortega
begin:vcard
fn;quoted-printable:Rafael Garc=C3=ADa Ortega
n;quoted-printable:Garc=C3=ADa Ortega;Rafael
org:ASPgems S.L.
email;internet:[EMAIL PROTECTED]
tel;work:692686533
x-mozilla-html:FALSE
url:http://www.aspgems.com
version:2.1
end:vcard
_______________________________________________
Mongrel-users mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/mongrel-users
