>Number: 3559 >Category: mod_auth-any >Synopsis: .htaccess files ignored, misread >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Fri Dec 18 15:10:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.33, 1.32 >Environment: SunOS topweb 5.6 Generic sun4m sparc SUNW,SPARCstation-10 >Description: In the case of a DBM file - the .htaccess file would bring up the login box but would not accept any password as valid - AuthDBM was compiled in and the datbase can be listed and modified via cgi - but won't allow login.
in the case of AuthFileName - the 'Headers" directive produces an error message saying the headers module has not been compiled in. With the headers directive out the dialog box comes up but you still can't login. If I remove the .htaccess file and include the information in access.conf the same problems exist. I have capitalized and put quotes arround strings with little effect. >How-To-Repeat: http://topweb.arc.nasa.gov/database >Fix: The rules for parsing .htaccess files have obviously changed - we need to know the proper syntax. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
