Boyle Owen wrote:
-----Original Message-----
From: Patrick Horgan [mailto:phorg...@yahoo.com]
Sent: Wednesday, January 06, 2010 6:41 AM
To: users@httpd.apache.org
Subject: [us...@httpd] Multiple ssh login prompts
On a site that I set up on fedora, https://ootbcomp.com, which brings
you to a mediawiki installation, there are ten ssl login prompts each
above the other, so if you log in to one of them, the next
one down in
the stack appears in my firefox browser. If I log in ten times I get
the site, if I log in once and cancel the other nine I get
one pane of
the site and a refresh in the browser gets the whole site.
After that
I'm not prompted again unless I restart the browser of course. Does
anyone have any idea what I did? I've never seen this
behavior before.
The system:
How are your Basic Auth realms defined? Do you have a single realm with
all content within? Or many parallel realms? Or nested realms?
Just one, set up in the Directory for wiki. Here's my ssl.conf
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost _default_:443>
DocumentRoot "/var/www/https"
DefineExternalAuth pwauth pipe /usr/local/libexec/pwauth
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/ootbcomp.crt
SSLCertificateKeyFile /etc/pki/tls/private/ootbcomp.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/https/">
Allow From All
AuthBasicProvider external
AuthBasicAuthoritative Off
AuthType Basic
AuthName "Password Required"
AuthExternal pwauth
Options FollowSymLinks
Require valid-user
</Directory>
<Directory "/var/www/https/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
Include /etc/httpd/conf.d/mailman.conf
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ScriptAlias /cgi-bin "/var/www/https/cgi-bin/"
Include /etc/httpd/conf.d/millwiki.include
</VirtualHost>
It includes inside the virtual host the mailman configuration and the
wiki configuration.
Here's the mailman.conf:
ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
<Directory /usr/lib/mailman/cgi-bin/>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
Alias /pipermail/ /var/lib/mailman/archives/public/
<Directory /var/lib/mailman/archives/public>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AddDefaultCharset Off
</Directory>
RedirectMatch ^/mailman[/]*$ http://s2.ootbcomp.com/mailman/listinfo
and here's the millwiki.conf
Alias /wiki /home/ootbc/site/https/htdocs/mediawiki/index.php
Alias /index.php /home/ootbc/site/https/htdocs/mediawiki/index.php
<Directory "/home/ootbc/site/https/htdocs/mediawiki">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/home/ootbc/site/https/htdocs/mediawiki/upload">
AllowOverride None
AddType text/plain .html .htm .shtml
</Directory>
<Directory /home/ootbc/site/https/htdocs/mediawiki/config>
Options -FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/ootbc/site/https/htdocs/mediawiki/images>
Options -FollowSymLinks
AllowOverride None
</Directory>
RewriteEngine on
RewriteRule ^/wiki/en/(.*)$
/home/ootbc/site/https/htdocs/mediawiki/wiki.phtml?title=$1
You mention "panes" so I guess that components of the site are loaded
with dojo ContentPanes or iframes or similar? If so, how do the hrefs
look? Do they have absolute URLs
(href="https://ootbcomp.com/path/to/content") or relative links
(href="/path/to/content")?
The wiki seems to only use relative for it's content, certainly so for
this initial load. The gets upon connecting unauthenticated (from
ssl_request_log) are:
99.61.74.22 - - [06/Jan/2010:09:52:12 -0800] "GET /wiki/Main_Page
HTTP/1.1" 200 7309
99.61.74.22 - - [06/Jan/2010:09:52:24 -0800] "GET
/mediawiki/index.php?title=MediaWiki:Monobook.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000
HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:28 -0800] "GET
/mediawiki/skins/common/shared.css?207 HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:34 -0800] "GET
/mediawiki/skins/common/commonPrint.css?207 HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:38 -0800] "GET
/mediawiki/index.php?title=-&action=raw&maxage=18000&gen=css HTTP/1.1"
401 480
99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET
/mediawiki/skins/monobook/main.css?207 HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:40 -0800] "GET
/mediawiki/skins/common/ajax.js?207 HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET
/mediawiki/skins/common/wikibits.js?207 HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET
/mediawiki/index.php?title=-&action=raw&gen=js&useskin=monobook
HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:42 -0800] "GET
/mediawiki/index.php?title=MediaWiki:Common.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000
HTTP/1.1" 401 480
99.61.74.22 - - [06/Jan/2010:09:52:43 -0800] "GET /favicon.ico HTTP/1.1"
401 480
99.61.74.22 - - [06/Jan/2010:09:52:46 -0800] "GET
/mediawiki/index.php?title=MediaWiki:Print.css&usemsgcache=yes&ctype=text%2Fcss&smaxage=18000&action=raw&maxage=18000
HTTP/1.1" 401 480
You see that there are 13 of them for which I receive 10 requests for
username and password.
Patrick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org