Alan: ---[begin viewvc.conf]--- ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi ScriptAlias /query /var/www/cgi-bin/query.cgi Alias /viewvc-static /var/www/viewvc AuthType Basic AuthName "Subversion ID" AuthUserFile /etc/svn-auth-file Require valid-user Order allow,deny Allow from all # The cgi-bin needs to evaluated for security also like the Order allow,deny Allow from all AuthType Basic AuthName "Subversion ID" AuthUserFile /etc/svn-auth-file Require valid-user AuthType Basic AuthName "Subversion ID" AuthUserFile /etc/svn-auth-file Require valid-user ---[end viewvc.conf]--- References: http://wiki.apache.org/httpd/PasswordBasicAuth http://httpd.apache.org/docs/2.0/programs/htpasswd.html Run her with these changes and respond with the Apachectl error message: apachectl -f /etc/httpd/conf/httpd-testing.conf Call me when you are implementing it and we can hash it out real quick. On 4/20/09, Alan Dayley wrote: > We are using the ViewVC tool[1] as a web interface for browsing CVS > and Subversion repositories. Been working wonderfully for a long > time. Recently we wanted to limit the access to browse the source. > We want to do this with Apache's basic authentication capability. All > a great plan. > > On Red Hat Enterprise Linux 5 the configuration of Apache is > controlled by configuration files in /etc/httpd/conf.d. Every file in > that directory whose name ends in .conf is read as an Apache > configuration file. For example, our server has files like > apcupsd.conf perl.conf ssl.conf twiki.conf and so on. All of them are > read in alphabetical order and "concatenate" to make the Apache > configuration. > > The viewvc.conf file is shown below. The attempt is to require a user > password for all access to ViewVC. The authentication points at the > user file for Subversion so if you have Subversion access, you have > repository browsing access. The user file works fine for Subversion > as defined in a separate subversion.conf file. > > The painful part is that the configuration does not work. Navigating > to the ViewVC URL always results in displaying the interface and > information. Apache never asks for the authentication. Here is what > I have tried: > > - Rename the viewvc.conf file to viewvc.DISABLED, restart Apache, URL > now returns 404 not found, as it should > > - Edit viewvc.conf to put an invalid directive in the > block, restart Apache, Apache fails to start because of a > configuration error. This proves that the viewvc.conf file is being > read. > > - Navigated to the URL using MS Internet Explorer, which I normally > never use. The page loads normally without asking for a password > proving it is not a browser caching issue with Firefox. > > So the file is being read but it is not working at all. Do any of you > see something obviously wrong with the viewvc.conf contents below? Do > you have any other things I could try? > > ---[begin viewvc.conf]--- > > ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi > ScriptAlias /query /var/www/cgi-bin/query.cgi > Alias /viewvc-static /var/www/viewvc > > > Order allow,deny > Allow from all > > > > Order allow,deny > Allow from all > > > > AuthType Basic > AuthName "Subversion ID" > AuthUserFile /etc/svn-auth-file > Require valid-user > > > > AuthType Basic > AuthName "Subversion ID" > AuthUserFile /etc/svn-auth-file > Require valid-user > > > ---[end viewvc.conf]--- > > Alan > > [1]http://viewvc.tigris.org/servlets/ProjectHome > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- www.obnosis.com (503)754-4452 "Contradictions do not exist." A. Rand --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss