I'm using Apache v2.2.4 (on Windows Server 2003) and
I'm trying to use both SSPI and Basic Authentication
together so that both Domain and non-domain users can
log in to my Trac Wiki site.
Withi this config:
<LocationMatch "/cgi-bin/trac.cgi/[^/]+/login">
# Domain Login
AuthName "my domain"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative Off
SSPIDomain MYDOMAIN
SSPIOfferBasic On
SSPIOfferSSPI Off
SSPIOmitDomain On
SSPIPerRequestAuth On
# Non-domain login
AuthType Basic
AuthBasicAuthoritative Off
AuthUserFile D:/wikis/trac.htpasswd
Require valid-user
</LocationMatch>
It only allows Domain users to log in. Its not
falling back to Basic via AuthUserFile.
If I turn off SSPI, then it allows Basic Auth (but
obviously not Domain login).
Searching the web, I've found a few people with
similar problems, but no real solution:
http://svn.haxx.se/users/archive-2006-09/1384.shtml
and
http://www.svnforum.org/2017/viewtopic.php?p=11517
The error I get in the error.log is: "...Logon
failure: unknown user name or bad password. : user
MYDOMAIN\\nondomainuser: authentication failure for
"/cgi-bin/trac.cgi/foo/login"
So, it seems as though it's always prepending the
domain, even when falling back to Basic, or its not
falling back at all.
Is there some other module I have to install to
support falling back?
Any ideas as to what else I may be doing wrong?
Thanks.
Brian
____________________________________________________________________________________
Need a vacation? Get great deals
to amazing places on Yahoo! Travel.
http://travel.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
