Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 149
  • Last Modified:

trouble with .htaccess file, apache

I'm running apache 2.4.10 on Linux Slackware64 14.1 kernel 3.10.17.

This .htaccess file works:
AuthType Basic
AuthName "DAV-upload"
AuthUserFile /etc/httpd/passwords
Require user joe

Open in new window

This one does not:
AuthType Basic
AuthName "DAV-upload"
Require valid-user

Open in new window

I get
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Why? Apache docs indicates 'valid-user' "will allow anyone in that is listed in the password file, and who correctly enters their password." http://httpd.apache.org/docs/2.4/howto/auth.html. And, 'valid-user' appears to be permitted in .htaccess files:  http://weavervsworld.com/docs/other/passprotect.html

What am I doing wrong?
0
jmarkfoley
Asked:
jmarkfoley
  • 2
2 Solutions
 
bvtechCommented:
Hi there,
have you tried to insert also
AuthUserFile /etc/httpd/passwords
in the second configuration file?
This is necessary, if you use "local grants'" configuration.
Let me know.
Ciao
0
 
jmarkfoleyAuthor Commented:
bvtech:
have you tried to insert also  AuthUserFile /etc/httpd/passwords
I did try that and it worked ... sort of. It only authenticates with people in the /etc/httpd/passwords file. But ah ha, maybe that's what it means by 'valid-user' "will allow anyone in that is listed in the password file, and who correctly enters their password."  They're not talking about the OS password file, they're talking about the Apache password file, right?
0
 
Lucas BishopClick TrackerCommented:
They're not talking about the OS password file, they're talking about the Apache password file, right?

Correct. The list of "valid users" is contained inside the file specified via AuthUserFile, hence needing to specify the path to this file in the config.
0
 
jmarkfoleyAuthor Commented:
Thanks. I did write a script to create the http password file from the /etc/shadow file, so at least that simplifies things and the users don't have to remember 2 passwords:

cut -d: -f1,3 /etc/passwd | grep ":300" | cut -d: -f1 | \
while read
do
    grep "^$REPLY" /etc/shadow | cut -d: -f1,2
done > /etc/httpd/passwords
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now