httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: MS Word, .htaccess & Passwords
Date Mon, 03 Jun 2002 18:21:39 GMT

Please respond to


Subject:  Re: MS Word, .htaccess & Passwords

On Mon, 3 Jun 2002 wrote:
>> I have users directories at /home. So when a user has a word document
>> someone tries to access it, the browser puts up the "enter network
>> password" box. You can click OK to the empty box or hit cancel and the
>> file proceeds to open. This type of scenario also happens in the
>> area of the tree structure. The curious thing is that I have seen this
>> occur with MS word documents. It doesn't happen with pdf files, text
>> etc.
>> I have checked the mime types and played with the httpd.conf file till
>> blue. The only thing that I have found to get passed this trouble is to
>> remove the .htaccess I am open to any and all suggestions to resolve
>> quirk while maintaining the security of .htaccess.

>This sounds like typical MS-brain-dead behvior.  My guess: MSIE is looking
>for frontpage extensions or some such thing to see if it will give
>"publishing" access to the word document.  It looks for these files under
>the document root.  If you didn't have authentication, they would just be
>"not found", but since you have authentication, the server must ask for
>auth before it can confirm that.

>Solutions?  Well, you can check your access log for the particular files
>that MS is looking for and deliberately unprotect those locations.  (You
>won't have any files there, but if you unprotect the relevant directory,
>you should be able to stop the password prompt.)

It appears that it is looking for a file called  /_vti_inf.hml What makes
this perplexing is that I have no file on my system called _vti_inf.html.
So judging by the entry in the access_log of - "Get /_vti_inf.html
HTTP/1.1" 401 409 - I think this is some arbitrary file and it is looking
for it in the document root of the httpd server. Correct? and that I would
have to unprotect the document root (no matter what I directory I make the
root) which basically boils down to removing the .htaccess or go through a
weeks worth of correcting relative links.

I'm hoping that somebody has a better suggestion and also what is this file
and why is it that MS Word is the only application wanting this?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message