Re: [users@httpd] Problem With Password Protection in Apache 2.2

Thu, 15 Nov 2007 11:22:09 -0800 

Joshua Slive wrote:


- Require directive is limited to GET requests. So you don't mind if
people without a password access the content via POST requests?

I just did a cut and paste from an example from some documentation.


Throw away that documentation. It's over a decade out of date. Try here instead:
http://httpd.apache.org/docs/2.2/howto/auth.html


See below.


At this point this is the least of my problems, especially since the
content does not require high security. Once I get the password
protection issue solved then I'll add POST too.


No. You'll solve it by removing the <Limit > and </Limit> altogether.


That didn't make a difference, but I took them out
anyway.

Your advice above about throwing away old documentation is a good one.
I'll make sure I'm only looking at documentation for Apache 2.2 since,
as I've learned, a lot has changed even since version 2.0.


My best guess at your problem is that you are missing one of the
required modules to do auth. As the above docs suggest, you'll need at
least mod_auth_basic, mod_authn_file, and mod_authz_user.


Bingo. That was it. I now have the following:

------------------
LoadModule authz_host_module libexec/mod_authz_host.so
LoadModule auth_basic_module libexec/mod_auth_basic.so
LoadModule authn_file_module libexec/mod_authn_file.so
LoadModule authz_user_module libexec/mod_authz_user.so
------------------

and that does the trick.

So, to summarize, the above modules, plus the below directives
work:

------------------
<Directory /users/chemweb/apache2/http-cchem/htdocs/admittedstudent>
    AuthType Basic
    AuthName "Restricted Files"
    AuthUserFile 
/users/chemweb/apache2/http-cchem/htdocs/admittedstudent/.htpasswd
    Require user gsportal AdmittedStudent
</Directory>
------------------

Thanks to everyone, especially Joshua Slive, for their help.

Cordially,

--
Jon Forrest
Unix Computing Support
College of Chemistry
173 Tan Hall
University of California Berkeley
Berkeley, CA
94720-1460
510-643-1032
[EMAIL PROTECTED]

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to