RE: [users@httpd] R: [users@httpd] Authentication realms

[Dave Beach]

Thanks for the message. That certainly sounds plausible to me.   I've temporarily worked around the problem by placing a .htaccess file in the directories with *.wmv files, and putting "Satisfy Any" and "Allow from all" statements in them. Pretty much defeats the purpose of the access control, but at least I can be reasonably assured that users were authenticated in a superior directory anyway.   There must be an answer to this somewhere, if I only knew where to look. If your message does indeed describe the reason why this is happening, I'm curious why MS wouldn't allow for authentication credentials to be passed from the originating browser session to the new session - particularly as it's a case of IE firing up Windows Media Player. From: Chris Ayoub [mailto:[EMAIL PROTECTED] Sent: January 3, 2006 10:11 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] R: [EMAIL PROTECTED] Authentication realms I'm kind of jumping into the middle of this thread since I have just subscribed recently, but I believe that if an external media player is launched by clicking on the file, then that application will start a different session with the server and cause re-authentication since it is technically a new client... not sure if that helps at all, but I've seen this before so I thought I would throw it in. Dave Beach wrote: Interesting. Right-clicking and saving the file from the browser works. A left-click to open it directly doesn't. Hmm. -----Original Message----- From: Sebastian Gil [mailto:[EMAIL PROTECTED]] Sent: January 3, 2006 9:41 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] R: [EMAIL PROTECTED] Authentication realms Is this happening when you download the file or when you try to open it directly from the browser? Maybe it's a problem with the media player plugin -----Messaggio originale----- Da: Dave Beach [mailto:[EMAIL PROTECTED]] Inviato: martedì 3 gennaio 2006 15.34 A: users@httpd.apache.org Oggetto: RE: [EMAIL PROTECTED] Authentication realms Thanks for the reply. I've been through the FAQ again, and don't see where URL space is relevant (although I'm sure that's a deficiency in my understanding). Consider www.foo.com (hypothetically - I've just realized that's actually a real site), and that /usr/local/apache2/htdocs is set as AuthName "bar" in httpd.conf. Everything behaves perfectly as expected, except a link to /usr/local/apache2/htdocs/foobar/foobar.wmv causes a re-prompt for authentication credentials. In the client popup, the user is advised that a password is required for www.foo.com. The link that causes this is from /usr/local/apache2/htdocs/index.htm, and merely points to "foobar/foobar.wmv". For every other link and file on the server, authentication seems to be working exactly the way I would have expected. For example, a link that points to "foobar/picture.jpg" does not cause an authentication re-prompt. I realize I'm repeating myself here, but I'm trying to illustrate that I'm not sure how this is a URL space issue. I've re-looked at the FAQ again, and made two changes - I set UseCanonicalName to off in httpd.conf, and I added an .htaccess file in /usr/local/apache2/htdocs/foobar that simply repeats "AuthName "bar"". Still no joy. I appreciate your patience; perhaps a slightly more detailed pointer would nudge me in the right direction. -----Original Message----- From: Nick Kew [mailto:[EMAIL PROTECTED]] Sent: January 3, 2006 2:24 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Authentication realms On Monday 02 January 2006 22:57, Dave Beach wrote: Hi list! I'm having a small problem. I have basic authentication set up (httpd v2.2.0), and it works as I would expect - except that when a user requests a Windows Media file (wmv) from a subordinate page, the client browser prompts again for the user's credentials. That's the browser doing the prompting. Which means the *browser* sees the wmv file as not being within the already-authenticated area. You need to sort out your URL space. The internal organisation of Apache (thngs like directories) is not relevant (except indirectly, when it affects URL space). There's a FAQ entry that might be relevant to you. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]