CompuTurk
asked on
.htaccess is requiring two logins
I am simply trying to secure a folder and its contents with a username and password using .htaccess
In the folder 'secureFolder' I have placed .htaccess with the contents below:
//This is what gets prompted
AuthName "Restricted Area"
// I am not sure what this means.
AuthType Basic
// Server path to the .htpasswd file
AuthUserFile /home/httpd/vhosts/....../
// I am not sure what this means.
AuthGroupFile /dev/null
// I am not sure what this means either
require valid-user
My .htpasswd contants secureUsername:encryptedPa
When I go to http://www.mydomain.com/secureFolder I get prompted by "Restricted Area"
I type in my username and password and it takes me to a blank page, but I can read the page title and it also prompts me for " " this time. I try using the same username and password and it does not work.
The folder contains 2 swf files and an html file.
I am confused as to what I am doing wrong.
Any help would greatly be appreciated!
In the folder 'secureFolder' I have placed .htaccess with the contents below:
//This is what gets prompted
AuthName "Restricted Area"
// I am not sure what this means.
AuthType Basic
// Server path to the .htpasswd file
AuthUserFile /home/httpd/vhosts/....../
// I am not sure what this means.
AuthGroupFile /dev/null
// I am not sure what this means either
require valid-user
My .htpasswd contants secureUsername:encryptedPa
When I go to http://www.mydomain.com/secureFolder I get prompted by "Restricted Area"
I type in my username and password and it takes me to a blank page, but I can read the page title and it also prompts me for " " this time. I try using the same username and password and it does not work.
The folder contains 2 swf files and an html file.
I am confused as to what I am doing wrong.
Any help would greatly be appreciated!
Remove the:
AuthGroupFile /dev/null
line and try it out. You dont need that because your validation is by user, not group.
If that doesn't work, Do you have any other "restricted areas" in the same apache server? Only one? i.e. do you have any other htaccess files that have "AuthType" in them?
If you have more than one, check to make sure that none of your images/other files used in your html file are not in those other restricted areas. Try disabling those other restricted areas.
Don't forget to apply the changes between each of the trials above by restarting apache gracefully.
AuthGroupFile /dev/null
line and try it out. You dont need that because your validation is by user, not group.
If that doesn't work, Do you have any other "restricted areas" in the same apache server? Only one? i.e. do you have any other htaccess files that have "AuthType" in them?
If you have more than one, check to make sure that none of your images/other files used in your html file are not in those other restricted areas. Try disabling those other restricted areas.
Don't forget to apply the changes between each of the trials above by restarting apache gracefully.
ASKER
maltokyo
Removing the AuthGroupFile did not work. I had setup another secure folder through Plesk control panel. That works fine, but per browser basis. I would like to be able to allow as many connections as possible.
Blaz
Where should I store the .htpasswd file?
Removing the AuthGroupFile did not work. I had setup another secure folder through Plesk control panel. That works fine, but per browser basis. I would like to be able to allow as many connections as possible.
Blaz
Where should I store the .htpasswd file?
I do not understand what you mean by "per browser basis". Also, what relationship does allowing many connections have with this problem..? Sorry, I could be missing your point. Please try and remove the other protected directory to see if it is causing your problem..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please have a look at the procudure in:
http://drupal.org/node/77106
http://drupal.org/node/77106
ASKER
Thank you.
Did you also try a direct link to your html http://www.mydomain.com/secureFolder/test.html
AuthType Basic
Do a HTTP authentication
AuthGroupFile /dev/null
Do not use groups for authentication (empty file)
require valid-user
this requires that a valid user must log in to view the contents. It could also be:
require user <your username in .htpasswd>
http://httpd.apache.org/docs/2.0/howto/htaccess.html