Question

5

apache2 digest authentication

rated 0 times [ 5] [ 0] / answers: 1 / hits: 7556 / 2 Years ago, thu, march 24, 2022, 9:48:41

Here is my site file on Ubuntu server 11.10:

<IfModule mod_ssl.c>

<VirtualHost *:443>

    ServerAdmin webmaster@localhost



    DocumentRoot /var/www/mydir

    ServerAlias *.mydomain.no-ip.info

    <Directory />

            Options FollowSymLinks

            AllowOverride None

    </Directory>

    <Directory /var/www/mydir>

            Options Indexes FollowSymLinks MultiViews

            AllowOverride None

            Order allow,deny

            allow from all

    </Directory>



    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

    <Directory "/usr/lib/cgi-bin">

            AllowOverride None

            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch

            Order allow,deny

            Allow from all

    </Directory>



    ErrorLog ${APACHE_LOG_DIR}/error.log



    # Possible values include: debug, info, notice, warn, error, crit,

    # alert, emerg.

    LogLevel warn



    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined



    Alias /doc/ "/usr/share/doc/"

    <Directory "/usr/share/doc/">

            Options Indexes MultiViews FollowSymLinks

            AllowOverride None

            Order deny,allow

            Deny from all

            Allow from 127.0.0.0/255.0.0.0 ::1/128

    </Directory>



    #   SSL Engine Switch:

    #   Enable/Disable SSL for this virtual host.

    SSLEngine on



    #   A self-signed (snakeoil) certificate can be created by installing

    #   the ssl-cert package. See

    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.

    #   If both key and certificate are stored in the same file, only the

    #   SSLCertificateFile directive is needed.

    SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem

    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

 </VirtualHost>

 </IfModule>

Now I wanted authorized access to directory:

/var/www/mydir/private

I created the digest file like this:

sudo htdigest -c /etc/apache2/digest_auth users enedene

So I added the following before the <Virtualhost>:

<Directory "/var/www/mydir/private/">

            AuthType Digest

            AuthName "Private"

            AuthDigestProvider file

            AuthUserFile /etc/apache2/digest_auth

            Require enedene

</Directory>

I restarted the web server and when I go to link:

https://mydomain.no-ip.info/private

I get prompted with a username and password as I wanted, but the problem is that it doesn't except the user/password that I've created, it just continuously denies and prompts again, as if the username/password combination is wrong.

What is wrong with my setup?

EDIT:

Here is what /var/log/apache2/error.log says:

[Wed Dec 07 18:00:47 2011] [error] [client 188.129.120.255] File does not exist: /var/www/mydir/favicon.ico

[Wed Dec 07 18:01:07 2011] [error] [client 188.129.120.255] Digest: user `enedene' in realm `Private' not found: /private

The first line is when I connect to site, but the site works, the second line is when I try to access the /var/www/mydir/private dir, authentication comes to browser but I can't get in.

EDIT 2:

After changing AuthName to "users" new error:

[Wed Dec 07 18:07:59 2011] [error] [client 188.129.120.255] access to /private failed, reason: require directives present and no Authoritative handler.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

ameatoes

Add To Favorites

Follow

Total Points: 321

Total Questions: 106

Total Answers: 112

Location: Belarus

Member since Sat, Jul 18, 2020

4 Years ago

answered 2 Years ago epypian · Accepted Answer

I believe since your realm is users then your AuthName directive should be "users"

Instead of AuthNmae "Private" try, AuthName "users"
restart apache with;

sudo service apache2 reload