?
Solved

trouble with .htaccess file, apache

Posted on 2015-02-06
4
Medium Priority
?
134 Views
Last Modified: 2015-02-08
I'm running apache 2.4.10 on Linux Slackware64 14.1 kernel 3.10.17.

This .htaccess file works:
AuthType Basic
AuthName "DAV-upload"
AuthUserFile /etc/httpd/passwords
Require user joe

Open in new window

This one does not:
AuthType Basic
AuthName "DAV-upload"
Require valid-user

Open in new window

I get
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Why? Apache docs indicates 'valid-user' "will allow anyone in that is listed in the password file, and who correctly enters their password." http://httpd.apache.org/docs/2.4/howto/auth.html. And, 'valid-user' appears to be permitted in .htaccess files:  http://weavervsworld.com/docs/other/passprotect.html

What am I doing wrong?
0
Comment
Question by:jmarkfoley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Accepted Solution

by:
bvtech earned 1600 total points
ID: 40594196
Hi there,
have you tried to insert also
AuthUserFile /etc/httpd/passwords
in the second configuration file?
This is necessary, if you use "local grants'" configuration.
Let me know.
Ciao
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 40595019
bvtech:
have you tried to insert also  AuthUserFile /etc/httpd/passwords
I did try that and it worked ... sort of. It only authenticates with people in the /etc/httpd/passwords file. But ah ha, maybe that's what it means by 'valid-user' "will allow anyone in that is listed in the password file, and who correctly enters their password."  They're not talking about the OS password file, they're talking about the Apache password file, right?
0
 
LVL 18

Assisted Solution

by:Lucas Bishop
Lucas Bishop earned 400 total points
ID: 40596559
They're not talking about the OS password file, they're talking about the Apache password file, right?

Correct. The list of "valid users" is contained inside the file specified via AuthUserFile, hence needing to specify the path to this file in the config.
0
 
LVL 1

Author Closing Comment

by:jmarkfoley
ID: 40597503
Thanks. I did write a script to create the http password file from the /etc/shadow file, so at least that simplifies things and the users don't have to remember 2 passwords:

cut -d: -f1,3 /etc/passwd | grep ":300" | cut -d: -f1 | \
while read
do
    grep "^$REPLY" /etc/shadow | cut -d: -f1,2
done > /etc/httpd/passwords
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question