[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Root directory protected via basic auth, thus 401 error document can't be displayed

Posted on 2004-09-18
7
Medium Priority
?
586 Views
Last Modified: 2010-03-04
In my httpd.conf file, under one of my virtual hosts, I have the / directory password protected using http basic auth. If a user doesn't enter a valid username/password combo, I would like to display a custom error document to them, telling them to signup to my site. Unfortunately when using "ErrorDocument 401 /noaccess.html" the noaccess.html (according to my error.log file) must be a file accessible via the current virtual host.

Since the / directory is protected, and /noaccess.html is within that directory it is also protected and I just receive Apache's standard 401 error, with an additional message on the bottom saying the 401 page is also returning 401.

Here is the (relevant) config:

<Virtualhost my.hostname.com>
   <Location />
      PerlAuthenHandler Apache::SecureCheck
       AuthType Basic
       AuthName MyDomain
      require valid-user
   </Location>
   <Location /noaccess.html>
        allow from all
   </Location>
   ErrorDocument 401 /noaccess.html
</VirtualHost>

I have shuffled around the order of the two <Location> blocks and the Error 401 tag, with no luck.

Also, if possible, i'd like to have noaccess.html located on a different virtual host, or even in a non-web accessible directory. Currently I am hoping to accomplish this via

Alias /noaccess.html /home/me/noaccess.html

However, I have tried removing the alias command, and using an actual file with no luck displaying the noaccess.html file.

Thanks
0
Comment
Question by:topsoil
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 12098969
Put the following .htaccess file:

ErrorDocument 401  /noaccess.html

also have a look at the answer in:
http:Q_20901798.html
0
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 12099019
or you can defined it in your main server config file httpd.conf:

ErrorDocument 401 /Subscription/how_to_subscribe.html

For more details:
http://httpd.apache.org/docs/custom-error.html
Tutorial + error codes:
http://www.htmlcenter.com/tutorials/printtutorial.cfm?id=150&type=General
0
 
LVL 15

Assisted Solution

by:periwinkle
periwinkle earned 500 total points
ID: 12102927
I think what he's saying, yuzh, is that he's password protected the entire site - they can't get the 403 or 401 page without entering a name and password.

I would suggest putting the entire site in a password protected subdirectory, and only have the 401, 404, and 403 documents in the root directory...
0
 
LVL 9

Assisted Solution

by:_GeG_
_GeG_ earned 500 total points
ID: 12110039
i am not sure, but put a files directive in your conf file,

<files your4040file.html>
order allow, deny
allow from all
satisfy any
</files>

I haven't tried it, but this should do the trick. I am not sure in which order the authorization works, so maybe you will have to put your error files in a subdirecotry and use directory directives, like

<directory directory_for_error_files>
order allow, deny
allow from all
satisfy any
</directory>
0
 
LVL 2

Assisted Solution

by:rootkiddy
rootkiddy earned 500 total points
ID: 12130085
GeG 100% correct.

allow from all  <--- Would normally grant access
satisfy any

The "satisfy any" is the piece that tells apache that you will accept the previous require "user, group, etc." or you will accept based on mod_access.  This is a configuration that I have on a few sites.

Suggestion is that if you have more than one custom error document then you might consider putting them in a directory and using the one of the directory configurations (directory, location, etc.) or name the files similar where you can do a filesmatch.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question