[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

htaccess confusion! Need help.

I'm trying to set up digest authentication for a particular directory
accessible via Apache. I thought it would be as simple as creating the
.htaccess file with the contents:

AuthType Digest
AuthName "Private Access Only"
AuthDigestFile /etc/apache/digest-auth.passwd

in the directory I wish to protect and restart apache (not even sure
the restart is necessary, when things are working?). Unfortunately the
.htaccess file seems to be, mostly, ignored. The only exception to
this is if the www-data user (the user the apache daemon runs under)
can't read that file. Then it complains about not being able to read
it in the error log. Otherwise it's wide open no matter what's in

I've loaded the digest auth module, via

LoadModule digest_auth_module /usr/lib/apache/1.3/mod_auth_digest.so

in /etc/apache/httpd.conf and apache seems to load it fine, so I know
that's not the problem.

I saw some poorly worded mention of this problem in the list archives,
something about a conflict with

DocumentRoot /data/www

and the default directory spec

<Directory />
    Options SymLinksIfOwnerMatch
    AllowOverride None

which is listed after the "DocumentRoot" option, but I couldn't follow

Here's the directory entry in httpd.conf that I want to control access
to via digest authentication:

<Directory /usr/lib/cgi-bin/bonsai>
    AllowOverride AuthConfig
    Options ExecCGI
    Order deny,allow
    Deny from all

Of course, if I set "Allow from all" then it's wide open. With "Deny
from all" nobody can read it and I never get a login/password
dialog. And "AllowOverride All" doesn't fix it either.

I'm running "testing" with Apache 1.3.24-2.1

Any ideas?


To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: