problem: authentication using .htaccess

I am using Apache server and linux  redhat 7.2.

My company uses ldap to store employee info. We have a mounted directory, which has the ldap_db and also a user-passwd file which has all userid and encrypted passwords.

Now,  I want to be able to put a .htaccess file at directory level, to authenticate users before they access my site.

I tried putting a .htaccess file at my homedirectory  which looks like this:

AuthUserFile /network/ldap/user-passwords.txt
AuthName John Doe's Members-Only Area
AuthType Basic
 <Limit GET POST PUT>
 require valid-user
 </Limit>

But when I try http://localhost/~me, it does not prompt for password. I dont get any errors either, and the webpages are displayed fine.  Any idea why it does not prompt for userid/passwd?


Note:
In my LinuxGUI, System>AuthenticationConfiguration> I checked "Enable LDAP Support" and Configured LDAP to point to the correct server name and search base.
(Although I dont know if this is related to the .htaccess authentication or not)

Thank you.
chazhsAsked:
Who is Participating?
 
ahoffmannConnect With a Mentor Commented:
did you set AllowOverride propper in your httpd.conf?
0
 
ahoffmannCommented:
# never tried if it works with .htaccess, but works in httpd.conf <Location "/confidential/">

        AuthName "confidential data"
        AuthType Basic
        #
        # --- openldap
        AuthLDAPHosts "FQDN"
        AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
        AuthLDAPBindPassword password
        AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
        #
        AuthLDAPSearchScope subtree
        AuthLDAPUserKey uid
        AuthLDAPPassKey userPassword
        #
        # --- Base64 encodced
        AuthLDAPSchemePrefix off
        #
        <Limit GET POST>
        require valid-user
        </Limit>

# keep in mind that AuthType Basic transfers the password nearly plain text (simple encryption)
# Hope that you are shure you want to compromise your internal security by such a public access
0
 
chazhsAuthor Commented:
I am not clear on this answer. No idea what to substitue for any of the variables above. (sorry, Im new here)

Anyhow, I guess giving the ldap server name directly might not work for me, since I need to give access to a restricted user list sometimes. (not the whole company)
So I maintain my own list of userids and encrypted passwords.
Thanks.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
ahoffmannCommented:
beside the ldap server name you need to know the base dn and the dn for an account which is allowed to query the database (or ask your LDAP admin if the database can be queried anonymous, probably not for passwords:)
0
 
chazhsAuthor Commented:
I guess the problem is not so much ldap, but just getting .htaccess to work correctly.

I changed my .htaccess file so my AuthUserFile points to a local .htpasswd file that I just created using
htpasswd -c .htpasswd username

Still no luck, the web page gets displayed without any errors, but does not prompt for userid :(
0
 
chazhsAuthor Commented:
Note, I did try restarting webserver.

Also found this line in both httpd.conf and srm.conf
AccessFileName .htaccess
0
 
chazhsAuthor Commented:
Also Tried without the <limit> tag :)
0
 
chazhsAuthor Commented:
Yes Sir, it worked!!!
Set
 AllowOverride AuthConfig Indexes

 in my httpd.conf and it worked magically!!!

Thanks for your help!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.