[RndTbl] Apache/SSL

Gilbert E. Detillieux gedetil at cs.umanitoba.ca
Wed Apr 16 18:09:12 CDT 2003


According to Raymond J. Henry:
> Anyone with Apache/SSL experience care to lend a helping hand?
> 
> I've got Apache compiled with mod_ssl, and it seems to be working fine. In
> fact, I know that part is working fine. Where my trouble lies is with
> forcing it to look look for the userID/password to access the directory.

Which, by the way, has nothing to do with the SSL support.

> It allows any conenction to view the page, without prompting for userID/PW.
> httpd.conf points traffic for hermes.manitobamall.net to
> /www/htdocs/manitobamall/.
> 
> Looked around for everything I could find on the 'Net, and tried all
> variations of examples, still the same.
> ____________________
> 
> /www/htdocs/test/.htaccess:
> 
> AuthUserFile /www/pw/.file-password
> AuthGroupFile /dev/null

I think you can just leave out the AuthGroupFile directive if you're not
actually specifying a group file.

> AuthName "TestPage"

Set the AuthName directive to a name or string that will make sense in
the userid/password prompt in the pop-up dialog box.

> AuthType Basic
> 
> <Limit GET POST PUT>
> require user test
> </Limit>

We usually just specify the following...

require valid-user

... without using the Limit tags.  This will allow any valid userid that's
found in the specified password file.

> /www/pw/.filepassword:
> 
> test: 38sqpB6MNb7BA

If that's white space after the colon, you'll need to remove that.  In fact,
this may be your only real problem.

Hope this helps.

-- 
Gilbert E. Detillieux		E-mail:	<gedetil at cs.umanitoba.ca>
Dept. of Computer Science	Web:	http://www.cs.umanitoba.ca/~gedetil/
University of Manitoba		Phone:	(204)474-8161
Winnipeg, MB, CANADA  R3T 2N2	Fax:	(204)474-7609



More information about the Roundtable mailing list