Apache basic authentication not working

Lisa Kachold lisakachold at obnosis.com
Mon Apr 20 19:37:26 MST 2009 

Alan:

---[begin viewvc.conf]---

ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi
ScriptAlias /query /var/www/cgi-bin/query.cgi
Alias /viewvc-static /var/www/viewvc

<Directory /var/www/viewvc>
 AuthType Basic
 AuthName "Subversion ID"
 AuthUserFile /etc/svn-auth-file
 Require valid-user
  Order allow,deny
  Allow from all
</Directory>

# The cgi-bin needs to evaluated for security also like the <Directory
directive above.

<Directory /var/www/cgi-bin>
 Order allow,deny
 Allow from all
</Directory>

<Location /viewcvs>
 AuthType Basic
 AuthName "Subversion ID"
 AuthUserFile /etc/svn-auth-file
 Require valid-user
</Location>

<Location /query>
 AuthType Basic
 AuthName "Subversion ID"
 AuthUserFile /etc/svn-auth-file
 Require valid-user
</Location>

---[end viewvc.conf]---

References:
http://wiki.apache.org/httpd/PasswordBasicAuth
http://httpd.apache.org/docs/2.0/programs/htpasswd.html

Run her with these changes and respond with the Apachectl error message:

apachectl -f /etc/httpd/conf/httpd-testing.conf


Call me when you are implementing it and we can hash it out real quick.

On 4/20/09, Alan Dayley <alandd at consultpros.com> wrote:
> We are using the ViewVC tool[1] as a web interface for browsing CVS
> and Subversion repositories.  Been working wonderfully for a long
> time.  Recently we wanted to limit the access to browse the source.
> We want to do this with Apache's basic authentication capability.  All
> a great plan.
>
> On Red Hat Enterprise Linux 5 the configuration of Apache is
> controlled by configuration files in /etc/httpd/conf.d.  Every file in
> that directory whose name ends in .conf is read as an Apache
> configuration file.  For example, our server has files like
> apcupsd.conf perl.conf ssl.conf twiki.conf and so on.  All of them are
> read in alphabetical order and "concatenate" to make the Apache
> configuration.
>
> The viewvc.conf file is shown below.  The attempt is to require a user
> password for all access to ViewVC.  The authentication points at the
> user file for Subversion so if you have Subversion access, you have
> repository browsing access.  The user file works fine for Subversion
> as defined in a separate subversion.conf file.
>
> The painful part is that the configuration does not work.  Navigating
> to the ViewVC URL always results in displaying the interface and
> information.  Apache never asks for the authentication.  Here is what
> I have tried:
>
> - Rename the viewvc.conf file to viewvc.DISABLED, restart Apache, URL
> now returns 404 not found, as it should
>
> - Edit viewvc.conf to put an invalid directive in the <Location>
> block, restart Apache, Apache fails to start because of a
> configuration error.  This proves that the viewvc.conf file is being
> read.
>
> - Navigated to the URL using MS Internet Explorer, which I normally
> never use.  The page loads normally without asking for a password
> proving it is not a browser caching issue with Firefox.
>
> So the file is being read but it is not working at all.  Do any of you
> see something obviously wrong with the viewvc.conf contents below?  Do
> you have any other things I could try?
>
> ---[begin viewvc.conf]---
>
> ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi
> ScriptAlias /query /var/www/cgi-bin/query.cgi
> Alias /viewvc-static /var/www/viewvc
>
> <Directory /var/www/viewvc>
>   Order allow,deny
>   Allow from all
> </Directory>
>
> <Directory /var/www/cgi-bin>
>   Order allow,deny
>   Allow from all
> </Directory>
>
> <Location /viewcvs>
>   AuthType Basic
>   AuthName "Subversion ID"
>   AuthUserFile /etc/svn-auth-file
>   Require valid-user
> </Location>
>
> <Location /query>
>   AuthType Basic
>   AuthName "Subversion ID"
>   AuthUserFile /etc/svn-auth-file
>   Require valid-user
> </Location>
>
> ---[end viewvc.conf]---
>
> Alan
>
> [1]http://viewvc.tigris.org/servlets/ProjectHome
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


-- 
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand

More information about the PLUG-discuss mailing list