Just to be sure, I'll ask the obvious questions... you have put the proper accounts into .slf-man-pp and .slf-managers?
Are there any .htaccess files in the second directory tree? (Are there any in the first?) BTW we can't test those links because of the domain restriction. I get a 403 for the first and a 404 for the second. Dean On Mon, 17 Mar 1997, Stephen Fitzgerald wrote: > > The contract type is `' with a response time of 3 business hours. > A first analysis should be sent before: Tue Mar 18 11:00:00 PST 1997 > > > >Number: 239 > >Category: config > >Synopsis: Directory config inconsistent > >Confidential: no > >Severity: critical > >Priority: medium > >Responsible: apache (Apache HTTP Project) > >State: open > >Class: sw-bug > >Submitter-Id: apache > >Arrival-Date: Mon Mar 17 19:50:00 1997 > >Originator: [EMAIL PROTECTED] > >Organization: > apache > >Release: 1.2b7 > >Environment: > Linux 3.0.3, kernel 2.0.18, gcc 2.7.2 > > Netscape 3.0.1 Gold > >Description: > I have a number of directories I need to protect. 1 protection configuration > works and the others do not. > > The following configuration works as expected - only users with > password in .htpasswd file can access the directory. > > # directory secured with .htaccess within directory > > <Directory /home/httpd/html/prot> > Options Indexes FollowSymlinks > AllowOverride AuthConfig > AuthUserFile /etc/httpd/conf/.htpasswd > AuthGroupFile /etc/httpd/conf/.htgroup > AuthName Password > AuthType Basic > require group all-the-users > <Limit GET PUT POST> > order deny,allow > deny from all > allow from twpo.com.au, defence.gov.au > </Limit> > </Directory> > > The following protection config does not work. > > <Directory /home/httpd/html/SLF/weekly-files/pp> > Options Indexes FollowSymlinks > AllowOverride All > AuthUserFile /etc/httpd/conf/.slf-man-pp > AuthGroupFile /etc/httpd/conf/.slf-managers > AuthName Password > AuthType Basic > require group all-the-managers > <Limit GET PUT POST> > order deny,allow > deny from all > allow from twpo.com.au, defence.gov.au > </Limit> > > </Directory> > > The only difference I can determine is that the second one is not in > the root of the server - however a move to root does not fix it. > > The error log does not report anything, an incorrect passwd however is > reported. The user puts in passwd after user name and gets an > "Authorisation Failed - Retry?" message. > > I have tried just about all different configs, using Files, Location but > all fail. > > Any help appreciated > >How-To-Repeat: > www.twpo.com.au/prot/times.html - works OK > www.twpo.com.au/SLF/weekly-files/pp/p1_02pp.html - fails > > I will create a user apache, passwd apache > > >Fix: > I wish I did!%2 > >Audit-Trail: > >Unformatted: > > >
