httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dragon <>
Subject Re: [users@httpd] Multiple Authentication
Date Fri, 03 Aug 2007 21:45:13 GMT
Brian Weed wrote:
>I'm using Apache v2.2.4 (on Windows Server 2003) and
>I'm trying to use both SSPI and Basic Authentication
>together so that both Domain and non-domain users can
>log in to my Trac Wiki site.
>Withi this config:
><LocationMatch "/cgi-bin/trac.cgi/[^/]+/login">
>   # Domain Login
>   AuthName "my domain"
>   AuthType SSPI
>   SSPIAuth On
>   SSPIAuthoritative Off
>   SSPIOfferBasic On
>   SSPIOfferSSPI Off
>   SSPIOmitDomain On
>   SSPIPerRequestAuth On
>  # Non-domain login
>   AuthType Basic
>   AuthBasicAuthoritative Off
>   AuthUserFile D:/wikis/trac.htpasswd
>   Require valid-user
>It only allows Domain users to log in.  Its not
>falling back to Basic via AuthUserFile.
>If I turn off SSPI, then it allows Basic Auth (but
>obviously not Domain login).
>Searching the web, I've found a few people with
>similar problems, but no real solution:
>The error I get in the error.log is: "...Logon
>failure: unknown user name or bad password.  : user
>MYDOMAIN\\nondomainuser: authentication failure for
>So, it seems as though it's always prepending the
>domain, even when falling back to Basic, or its not
>falling back at all.
>Is there some other module I have to install to
>support falling back?
>Any ideas as to what else I may be doing wrong?
---------------- End original message. ---------------------

Just a thought... (caveat being I have not messed with anything 
beyond basic authentication).

What about having two different virtual hosts serving as entry points 
to this application which both point to the same application directory?

I think by doing that you can have one of the authentication methods 
associated with one virtual host and the other with the second virtual host.


  Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message