httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] htaccess help
Date Fri, 01 Jul 2005 14:34:45 GMT
> -----Original Message-----
> From: Michael [mailto:Michael@bio-world.com]
> Sent: Freitag, 1. Juli 2005 15:28
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] htaccess help
> 
> 
> The apache ver i have is Apache 2.0.40 runing on Red Hat 9.2.
> I wasnt clear enough my bad. I type in the address of the 
> folder i want to 
> protect in the browser. Then the wuthentication window pops 
> up. I enter the 
> user and passwd info hit OK and more than half of the page 
> loads up and 
> authentication window pops up again. So, I enter the 
> user&passwd again and 
> then the rest of the page loads up. 

So it looks like you have content on the page (eg images) which are also in a .htaccess protected
directory. 

To Explain:

If your docroot is /home/html for example and then you have a .htaccess file in /home/html/dir1
then when you go to http://server-name/dir1/page.html you will get a password popup - fine.

But if page.html has an image in it like src="/images/pic.gif", then the browser will make
a new request for http://server-name/images/pic.gif and apache will look in /home/html/images
to find pic.gif. BUT.... if you have another .htaccess file in this directory, apache will
throw a 401 and the browser will popup a second window!

So generally, if you have any content (gifs etc) in a password protected page, make sure it
is either found in the same directory (so under the same password realm) or that it is in
an unprotected directory. 

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

>I set in httpd.conf for 
> the web root dir 
> AllowOverride all and this is my .htaccess:
> AuthUserFile /var/www/passwd/.htpasswd
> AuthGroupFile /dev/null
> AuthName EnterPassword
> AuthType Basic
> require user aaa

PS - nothing wrong with the .htaccess file - the problem is that you have too many of them!

> 
> 
> ----- Original Message ----- 
> From: "Boyle Owen" <Owen.Boyle@swx.com>
> To: <users@httpd.apache.org>
> Sent: Friday, July 01, 2005 2:46 AM
> Subject: RE: [users@httpd] htaccess help
> 
> 
> Plain text please...
> 
> Couple of possibilities:
> 
> - you have a wrong username/password: If you get it wrong the 
> browser will 
> pop up the window again ad infinitum. Check carefully and 
> remember case is 
> important (in fact, create a new account in the password file 
> with user=aaa 
> and password=aaa - all lower-case so you don't make any mistakes).
> 
> - you are nesting authentication realms: You can only have 
> one layer of 
> authentication in HTTP. So if you have a password on dir1, 
> you can't have 
> another password on dir1/subdir. Check you're not doing this.
> 
> BTW, as well as posting in plain text, it's useful if you 
> tell us your 
> apache version and OS, at least.
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored.
> 
> 
> -----Original Message-----
> From: Michael [mailto:Michael@bio-world.com]
> Sent: Donnerstag, 30. Juni 2005 21:24
> To: users@httpd.apache.org
> Subject: [users@httpd] htaccess help
> 
> 
> Hey everyone
> I have problem with htaccess. The problem is that i put 
> htaccess in one of 
> my dirs on the server and when i request that dir it pops 
> authentication 
> window which i intendet to have but then when i type user and 
> passw it keeps 
> on poping authentication window. I know it does ask me for 
> user and passwd 
> for every single thing its loading but how can i configure it 
> so that it 
> asks me once for that dir and thats it and loads up 
> everything in that dir 
> ???
> Diese E-mail ist eine private und persönliche Kommunikation. 
> Sie hat keinen 
> Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. 
> This e-mail is of 
> a private and personal nature. It is not related to the 
> exchange or business 
> activities of the SWX Group. Le présent e-mail est un message 
> privé et 
> personnel, sans rapport avec l'activité boursière du Groupe SWX.
> 
> 
> This message is for the named person's use only. It may contain 
> confidential, proprietary or legally privileged information. No 
> confidentiality or privilege is waived or lost by any 
> mistransmission. If 
> you receive this message in error, please notify the sender 
> urgently and 
> then immediately delete the message and any copies of it from 
> your system. 
> Please also immediately destroy any hardcopies of the 
> message. You must not, 
> directly or indirectly, use, disclose, distribute, print, or 
> copy any part 
> of this message if you are not the intended recipient. The 
> sender's company 
> reserves the right to monitor all e-mail communications through their 
> networks. Any views expressed in this message are those of 
> the individual 
> sender, except where the message states otherwise and the sender is 
> authorised to state them to be the views of the sender's company.
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
>
 
 
This message is for the named person's use only. It may contain confidential, proprietary
or legally privileged information. No confidentiality or privilege is waived or lost by any
mistransmission. If you receive this message in error, please notify the sender urgently and
then immediately delete the message and any copies of it from your system. Please also immediately
destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose,
distribute, print, or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail communications through their
networks. Any views expressed in this message are those of the individual sender, except where
the message states otherwise and the sender is authorised to state them to be the views of
the sender's company.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message