Find the answer to your Linux question:
Results 1 to 6 of 6
I've got a web server all up and running on my new Debian 3.1 machine and I'm trying to password protect one directory with all of its contents. I created ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2005
    Posts
    19

    I need help with Apache user authentication


    I've got a web server all up and running on my new Debian 3.1 machine and I'm trying to password protect one directory with all of its contents. I created my usernames and passwords using htpasswd (calling the file .htpasswd) and I created a .htgroup file called "members". I modifed my httpd.conf file and created a .htaccess file which I put in the directory that I want to protect. I restarted my server, went to my website, and clicked on the link to my protected directory. The username and password window pops up, but it won't accept anything that I put in. The authentication just fails every time. Here are my .htaccess and httpd.conf files.

    Code:
    AuthType Basic
    AuthName "BU Blades"
    AuthUserFile /etc/apache/.htpasswd
    AuthGroupFile /etc/apache/.htgroup
    
    require group members
    Code:
    ServerType standalone
    
    ServerRoot /etc/apache
    
    LockFile /var/lock/apache.lock
    
    PidFile /var/run/apache.pid
    
    ScoreBoardFile /var/run/apache.scoreboard
    
    Timeout 300
    
    KeepAlive On
    
    MaxKeepAliveRequests 100
    
    KeepAliveTimeout 15
    
    MinSpareServers 5
    MaxSpareServers 10
    
    StartServers 5
    
    MaxClients 150
    
    MaxRequestsPerChild 100
    
    Include /etc/apache/modules.conf
    
    <IfModule mod_status.c>
      ExtendedStatus On
    </IfModule>
    
    Port 80
    
    User www-data
    Group www-data
    
    ServerAdmin timwalsh@bu.edu
    
    ServerName www.bublades.com
    
    DocumentRoot /var/www
    
    <Directory />
        Options SymLinksIfOwnerMatch
        AllowOverride None
    </Directory>
    
    <Directory /var/www/>
    
        Options Indexes Includes FollowSymLinks MultiViews
    
     AllowOverride AuthConfig
    
        Order allow,deny
        Allow from all
    </Directory>
    
    <Directory /var/www/members/*>
    AuthName "BU Blades"
    AllowOverride AuthConfig
    AuthType Basic
    AuthUserFile /etc/apache/.htpasswd
    AuthGroupFile /etc/apache/.htgroup
    require group members
    </Directory>
    
    <IfModule mod_userdir.c>
        UserDir public_html
    
        <Directory /home/*/public_html>
            AllowOverride FileInfo AuthConfig Limit
            Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
            <Limit GET POST OPTIONS PROPFIND>
                Order allow,deny
                Allow from all
            </Limit>
            <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                Order deny,allow
                Deny from all
            </Limit>
        </Directory>
    </IfModule>
    
    <IfModule mod_dir.c>
        DirectoryIndex index.html index.htm index.shtml index.cgi index.php
    </IfModule>
    
    AccessFileName .htaccess
    
    <Files ~ "^\.ht">
        Order allow,deny
        Deny from all
    </Files>
    
    UseCanonicalName Off
    
    TypesConfig /etc/mime.types
    
    DefaultType text/plain
    
    <IfModule mod_mime_magic.c>
        MIMEMagicFile /usr/share/misc/file/magic.mime
    </IfModule>
    
    HostnameLookups Off
    
    ErrorLog /var/log/apache/error.log
    
    LogLevel warn
    
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%&#123;Referer&#125;i\" \"%&#123;User-Agent&#125;i\" \"%&#123;forensic-id&#125;n\" %T %v" full
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%&#123;Referer&#125;i\" \"%&#123;User-Agent&#125;i\" \"%&#123;forensic-id&#125;n\" %P %T" debug
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%&#123;Referer&#125;i\" \"%&#123;User-Agent&#125;i\" \"%&#123;forensic-id&#125;n\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%&#123;forensic-id&#125;n\"" forensic
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%&#123;Referer&#125;i -> %U" referer
    LogFormat "%&#123;User-agent&#125;i" agent
    
    CustomLog /var/log/apache/access.log combined
    
    <IfModule mod_log_forensic.c>
     ForensicLog /var/log/apache/forensic.log
    </IfModule>
    
    <IfModule mod_backtrace.c>
     EnableExceptionHook On
     
    </IfModule>
    
    <IfModule mod_whatkilledus.c>
     EnableExceptionHook On
     
    </IfModule>
    
    ServerSignature On
    
    <IfModule mod_alias.c>
        Alias /icons/ /usr/share/apache/icons/
    
        <Directory /usr/share/apache/icons>
             Options Indexes MultiViews
             AllowOverride None
             Order allow,deny
             Allow from all
        </Directory>
    
        Alias /images/ /usr/share/images/
    
        <Directory /usr/share/images>
             Options MultiViews
             AllowOverride None
             Order allow,deny
             Allow from all
        </Directory>
    </IfModule>
    
    <IfModule mod_alias.c>
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    
        <Directory /usr/lib/cgi-bin/>
            AllowOverride None
            Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>
    
    <IfModule mod_autoindex.c>
    
        IndexOptions FancyIndexing NameWidth=*
    
        AddIconByEncoding &#40;CMP,/icons/compressed.gif&#41; x-compress x-gzip
    
        AddIconByType &#40;TXT,/icons/text.gif&#41; text/*
        AddIconByType &#40;IMG,/icons/image2.gif&#41; image/*
        AddIconByType &#40;SND,/icons/sound2.gif&#41; audio/*
        AddIconByType &#40;VID,/icons/movie.gif&#41; video/*
    
        AddIcon /icons/binary.gif .bin .exe
        AddIcon /icons/binhex.gif .hqx
        AddIcon /icons/tar.gif .tar
        AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
        AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
        AddIcon /icons/a.gif .ps .ai .eps
        AddIcon /icons/layout.gif .html .shtml .htm .pdf
        AddIcon /icons/text.gif .txt
        AddIcon /icons/c.gif .c
        AddIcon /icons/p.gif .pl .py
        AddIcon /icons/f.gif .for
        AddIcon /icons/dvi.gif .dvi
        AddIcon /icons/uuencoded.gif .uu
        AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
        AddIcon /icons/tex.gif .tex
        AddIcon /icons/bomb.gif core
        AddIcon /icons/deb.gif .deb
    
        AddIcon /icons/back.gif ..
        AddIcon /icons/hand.right.gif README
        AddIcon /icons/folder.gif ^^DIRECTORY^^
        AddIcon /icons/blank.gif ^^BLANKICON^^
    
        DefaultIcon /icons/unknown.gif
    
        ReadmeName README.html
        HeaderName HEADER.html
    
        IndexIgnore .??* *~ *# HEADER.html HEADER.txt RCS CVS *,v *,t
    
    </IfModule>
    
    <IfModule mod_mime.c>
    
        AddEncoding x-compress Z
        AddEncoding x-gzip gz tgz
    
        AddLanguage da .dk
        AddLanguage nl .nl
        AddLanguage en .en
        AddLanguage et .ee
        AddLanguage fr .fr
        AddLanguage de .de
        AddLanguage el .el
        AddLanguage it .it
        AddLanguage ja .ja
        AddCharset ISO-2022-JP .jis
        AddLanguage pl .po
        AddCharset ISO-8859-2 .iso-pl
        AddLanguage pt .pt
        AddLanguage pt-br .pt-br
        AddLanguage lb .lu
        AddLanguage ca .ca
        AddLanguage es .es
        AddLanguage sv .se
        AddLanguage cs .cz
    
        <IfModule mod_negotiation.c>
            LanguagePriority en da nl et fr de el it ja pl pt pt-br lb ca es sv
        </IfModule>
    
        AddType application/x-tar .tgz
        AddType image/bmp .bmp
    
        AddType text/x-hdml .hdml
    
        <IfModule mod_include.c>
         AddType text/html .shtml
         AddHandler server-parsed .shtml
        </IfModule>
    
    </IfModule>
    
    AddDefaultCharset on
    
    <IfModule mod_setenvif.c>
      
        BrowserMatch "Mozilla/2" nokeepalive
        BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    
        BrowserMatch "RealPlayer 4\.0" force-response-1.0
        BrowserMatch "Java/1\.0" force-response-1.0
        BrowserMatch "JDK/1\.0" force-response-1.0
    </IfModule>
    
    <IfModule mod_perl.c>
      <IfModule mod_alias.c>
       Alias /perl/ /var/www/perl/
      </IfModule>
      <Location /perl>
        SetHandler perl-script
        PerlHandler Apache&#58;&#58;Registry
        Options +ExecCGI
      </Location>
    </IfModule>
    
    <IfModule mod_alias.c>
     Alias /doc/ /usr/share/doc/
    </IfModule>
    
    <Location /doc>
      order deny,allow
      deny from all
      allow from 127.0.0.0/255.0.0.0
      Options Indexes FollowSymLinks MultiViews
    </Location>
    
    <IfModule mod_proxy.c>
       
    </IfModule>
    
    Include /etc/apache/conf.d
    Thanks for your help,

    Tim Walsh

  2. #2
    Just Joined!
    Join Date
    Oct 2005
    Location
    North Carolina, USA
    Posts
    45
    Have you checked that the permissions settings for your password and group files? I think they need to be set such that the userid under which the server runs has read permission.

  3. #3
    Just Joined!
    Join Date
    May 2005
    Posts
    19
    Thanks Michael, you were right, my permissions were wrong. Now I have another, perhaps more interesting problem, though.

    The only username that actually allows me access is the first one listed in my .htgroup file. I tested this hypothesis by switching the order of the usernames in the file so that a different name was first on the list and it held true. I've been looking around the internet to see if I formated my file incorrectly and I've seen a lot of different examples. Some have no space between the group name and the first username, some separate the names only by a space, some separate only by a comma, and some separate by a space and a comma. This is how I have my .htgroup file right now which only allows access to the first name, "bittenbender".

    Code:
    members&#58; bittenbender mcindoe robinson gillespie matsuda hughes
    asciutto hainsworth gates dedominici walsh hitchings sharer mcshea
    Any help with this would be appreciated.

    Tim Walsh

  4. #4
    Just Joined!
    Join Date
    Oct 2005
    Location
    North Carolina, USA
    Posts
    45
    Sorry for the delay in responding - I couldn't access the forum for a few days.

    Do you have the names split into two or more lines? I tested this on my server and got similar failures. Putting all the names on one line with spaces in between worked for me.

  5. #5
    Just Joined!
    Join Date
    Oct 2005
    Location
    North Carolina, USA
    Posts
    45
    Should have posted the example that worked for me, all on one line:

    members: mike mary jess morgan

  6. #6
    Just Joined!
    Join Date
    May 2005
    Posts
    19
    Hey thanks a lot, Michael. That worked. Unfortunately, I had a lot of usernames in the group that took up more than one line, so I just split them into 2 different groups and said

    Code:
    require group members
    require group members2
    Now it appears to work fine with any username.

    Thanks, again.

    Tim

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •