Mailing List Archive

No password box using .htaccess
Running Apache 1.3.19 on OpenBSD 2.9

I have placed a .htaccess file in a private directory on my web
server. It is configured according to several tutorials I found. I
also configured the httpd.conf file and set it to AllowOverride All.
I created the .htpasswd file with the accounts I wanted to have
access. I then restarted the server.

After doing all this, when I try to go to the directory I restricted,
I only get the 403 Forbidden webpage come up. It never gives me a
password prompt to authenticate myself.

Does anyone have any suggestions? I am getting so flustered with this.
I have also tried specifying a group in the .htacces file and creating
a .htgroup.
If I remove the .htaccess file, or change the AllowOverride All to
AllowOverride None, it gives me access. So it is somewhat working.

Here is a copy of .htaccess:

AuthUserFile /usr/local/.htpasswd
AuthName "Secure_Login"
AuthType Basic
require user jsmith jdoe

Thank you for your help...
Brian T.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: No password box using .htaccess [ In reply to ]
> From: Brian P. Trotter [mailto:btrotter@pobox.com]

>
> Running Apache 1.3.19 on OpenBSD 2.9
>
> I have placed a .htaccess file in a private directory on my web
> server. It is configured according to several tutorials I found. I
> also configured the httpd.conf file and set it to AllowOverride All.
> I created the .htpasswd file with the accounts I wanted to have
> access. I then restarted the server.
>
> After doing all this, when I try to go to the directory I restricted,
> I only get the 403 Forbidden webpage come up. It never gives me a
> password prompt to authenticate myself.

What does the error log say?

Can you access the documents if you remove the .htaccess?

Are there any other AllowOverride directives in httpd.conf?

Have you tried using a <Directory> section in httpd.conf rather than using
an .htaccess file?

Joshua.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: No password box using .htaccess [ In reply to ]
Joshua,

THANK YOU!!!

Upon reading your email, I did a Homer Simpson 'DOH' while slapping my
forehead.
When all else fails... READ the freaking error logs <talking to myself>.
When I opened the error log, right there, plain as day is an error about the
.htaccess not being readable. Then I went to my directory that I created the
.htaccess file in...as root.... and right there was my answer. I never did a
chown <server user> .htaccess.

I made the change, tested it out, and presto... there is the login prompt.

So thank you for your help... and for humbling me in my own ignorance. :)

Take care,
Brian T.



-----Original Message-----
From: Joshua Slive [mailto:joshua@slive.ca]
Sent: Monday, December 31, 2001 6:10 PM
To: users@httpd.apache.org; btrotter@pobox.com
Subject: RE: No password box using .htaccess


> From: Brian P. Trotter [mailto:btrotter@pobox.com]

>
> Running Apache 1.3.19 on OpenBSD 2.9
>
> I have placed a .htaccess file in a private directory on my web
> server. It is configured according to several tutorials I found. I
> also configured the httpd.conf file and set it to AllowOverride All.
> I created the .htpasswd file with the accounts I wanted to have
> access. I then restarted the server.
>
> After doing all this, when I try to go to the directory I restricted,
> I only get the 403 Forbidden webpage come up. It never gives me a
> password prompt to authenticate myself.

What does the error log say?

Can you access the documents if you remove the .htaccess?

Are there any other AllowOverride directives in httpd.conf?

Have you tried using a <Directory> section in httpd.conf rather than using
an .htaccess file?

Joshua.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org