Bug#219774: Causing Reason identified (Re: Bug#219774: Doesn't help)
Hi Michael,
thanks a lot for your information and help. I will look deeper
into it tomorrow evening.
#include <real_life_first.h> ;)
Thanks
Fabio
On Sat, 15 Nov 2003, Michael Holzt wrote:
> > First of all none of you have been providing enough information about your
> > setup. Authentication works for me using different schemes. Which
> > authentication modules are not working for you? Which is your config?
>
> First, i'm sorry for my little bit of flamage yesterday, but i was really
> upset, because this was the second time my apache - which is much needed
> here - broke on the same day. First the index.html problem (no upgrade, just
> added a module) and after that this problem here.
>
> I have now found out how the problem can be reproduced and forced. The
> problem is the sys_auth_module. When it is loaded, the standard
> configuration widely used for password protected sites will fail without any
> usable error message.
>
> I have the following auth-modules in my apache-config (didn't choosed them,
> they were added by the debian package):
>
> LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so
> [...]
> LoadModule anon_auth_module /usr/lib/apache/1.3/mod_auth_anon.so
> LoadModule dbm_auth_module /usr/lib/apache/1.3/mod_auth_dbm.so
> LoadModule db_auth_module /usr/lib/apache/1.3/mod_auth_db.so
> [...]
> LoadModule sys_auth_module /usr/lib/apache/1.3/mod_auth_sys.so
>
> Config from httpd.conf which worked _was_:
>
> <Directory /var/www/>
> [...]
> AllowOverride AuthConfig
> [...]
> </Directory>
>
> In this Directory i have a .htaccess:
>
> AuthType Basic
> AuthName "kjus Entwicklungslabor"
> AuthUserFile /etc/apache/.htpasswd
> require valid-user
>
> This is just the plain normal configuration used by a lot of sites. The
> configuration worked until the latest upgrade. Now it just states 'User xxx
> not found' in the error.log. There are three possible fixes to this:
>
> a.) One can remove the sys_auth_module. This should be done anyways, as
> you are rightful warning about the usage. I have no idea why the
> debian package added this module. I didn't asked for it, and in
> my opinion it should never be added by default.
>
> b.) One can add the Suggested Line by Edward after the AllowOverride
> Statement. The AuthAuthoritative Off Setting will tell the Apache
> the continue even if a previous auth module failed. As it seems,
> the modules will be queried in the reverse order as they were
> loaded. So in my config above sys_auth_module will be queried first,
> and then db_auth_module, dbm_auth_module and anon_auth_module
> (all three are not triggered by my configuration and will not fail),
> and the auth_module seems to be last asked. This leads me to
> solution c:
>
> c.) The sys_auth_module could just be loaded _before_ auth_module.
>
> So c.) might be the easiest fix, but i still stay to a.) and ask why this
> module was included in standard config (was it? i wasn't asked about it, and
> it was not added by me...)
>
> Hope to be helpful to now resolve this problem.
>
> Regards
> Michael
>
>
--
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues
http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
Reply to: