SOLVED! RE: Apache basic authentication not working

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Dayley, Alan
Date:  
To: Main PLUG discussion list
Old-Topics: Re: Apache basic authentication not working
Subject: SOLVED! RE: Apache basic authentication not working
Lisa and everyone. Thank you for the help.

By adding the authentication directives to the <Directory> blocks, the
authentication is now working. I appreciate the help.

Alan

> -----Original Message-----
> From:
> [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On
> Behalf Of Lisa Kachold
> Sent: Monday, April 20, 2009 7:37 PM
> To: Main PLUG discussion list
> Subject: Re: Apache basic authentication not working
>
> Alan:
>
> ---[begin viewvc.conf]---
>
> ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi ScriptAlias
> /query /var/www/cgi-bin/query.cgi Alias /viewvc-static /var/www/viewvc
>
> <Directory /var/www/viewvc>
> AuthType Basic
> AuthName "Subversion ID"
> AuthUserFile /etc/svn-auth-file
> Require valid-user
> Order allow,deny
> Allow from all
> </Directory>
>
> # The cgi-bin needs to evaluated for security also like the
> <Directory directive above.
>
> <Directory /var/www/cgi-bin>
> Order allow,deny
> Allow from all
> </Directory>
>
> <Location /viewcvs>
> AuthType Basic
> AuthName "Subversion ID"
> AuthUserFile /etc/svn-auth-file
> Require valid-user
> </Location>
>
> <Location /query>
> AuthType Basic
> AuthName "Subversion ID"
> AuthUserFile /etc/svn-auth-file
> Require valid-user
> </Location>
>
> ---[end viewvc.conf]---
>
> References:
> http://wiki.apache.org/httpd/PasswordBasicAuth
> http://httpd.apache.org/docs/2.0/programs/htpasswd.html
>
> Run her with these changes and respond with the Apachectl
> error message:
>
> apachectl -f /etc/httpd/conf/httpd-testing.conf
>
>
> Call me when you are implementing it and we can hash it out
> real quick.
>
> On 4/20/09, Alan Dayley <> wrote:
> > We are using the ViewVC tool[1] as a web interface for browsing CVS
> > and Subversion repositories. Been working wonderfully for a long
> > time. Recently we wanted to limit the access to browse the source.
> > We want to do this with Apache's basic authentication
> capability. All
> > a great plan.
> >
> > On Red Hat Enterprise Linux 5 the configuration of Apache is
> > controlled by configuration files in /etc/httpd/conf.d.
> Every file in
> > that directory whose name ends in .conf is read as an Apache
> > configuration file. For example, our server has files like
> > apcupsd.conf perl.conf ssl.conf twiki.conf and so on. All
> of them are
> > read in alphabetical order and "concatenate" to make the Apache
> > configuration.
> >
> > The viewvc.conf file is shown below. The attempt is to
> require a user
> > password for all access to ViewVC. The authentication
> points at the
> > user file for Subversion so if you have Subversion access, you have
> > repository browsing access. The user file works fine for
> Subversion
> > as defined in a separate subversion.conf file.
> >
> > The painful part is that the configuration does not work.
> Navigating
> > to the ViewVC URL always results in displaying the interface and
> > information. Apache never asks for the authentication.
> Here is what
> > I have tried:
> >
> > - Rename the viewvc.conf file to viewvc.DISABLED, restart
> Apache, URL
> > now returns 404 not found, as it should
> >
> > - Edit viewvc.conf to put an invalid directive in the <Location>
> > block, restart Apache, Apache fails to start because of a
> > configuration error. This proves that the viewvc.conf file
> is being
> > read.
> >
> > - Navigated to the URL using MS Internet Explorer, which I normally
> > never use. The page loads normally without asking for a password
> > proving it is not a browser caching issue with Firefox.
> >
> > So the file is being read but it is not working at all. Do
> any of you
> > see something obviously wrong with the viewvc.conf contents
> below? Do
> > you have any other things I could try?
> >
> > ---[begin viewvc.conf]---
> >
> > ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi ScriptAlias /query
> > /var/www/cgi-bin/query.cgi Alias /viewvc-static /var/www/viewvc
> >
> > <Directory /var/www/viewvc>
> > Order allow,deny
> > Allow from all
> > </Directory>
> >
> > <Directory /var/www/cgi-bin>
> > Order allow,deny
> > Allow from all
> > </Directory>
> >
> > <Location /viewcvs>
> > AuthType Basic
> > AuthName "Subversion ID"
> > AuthUserFile /etc/svn-auth-file
> > Require valid-user
> > </Location>
> >
> > <Location /query>
> > AuthType Basic
> > AuthName "Subversion ID"
> > AuthUserFile /etc/svn-auth-file
> > Require valid-user
> > </Location>
> >
> > ---[end viewvc.conf]---
> >
> > Alan
> >
> > [1]http://viewvc.tigris.org/servlets/ProjectHome
> > ---------------------------------------------------
> > PLUG-discuss mailing list -
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
>
> --
> www.obnosis.com (503)754-4452
> "Contradictions do not exist." A. Rand
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss