The following reply was made to PR mod_auth-any/4700; it has been noted by GNATS.
From: Dirk-Willem van Gulik <[EMAIL PROTECTED]> To: Dan Armstrong <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: mod_auth-any/4700: Basic Authentication - Correct Username/Password pairs never accepted Date: Tue, 6 Jul 1999 09:39:05 +0200 (CEST) You need to specify the full path for the password files, if I recall correctly. And beware, that, even if things go wrong, you will not see anything in the logs as you have set the log level too high. Set it to info or at least to warning to see what is cooking. DW. On 5 Jul 1999, Dan Armstrong wrote: > > >Number: 4700 > >Category: mod_auth-any > >Synopsis: Basic Authentication - Correct Username/Password pairs > >never accepted > >Confidential: no > >Severity: non-critical > >Priority: medium > >Responsible: apache > >State: open > >Class: sw-bug > >Submitter-Id: apache > >Arrival-Date: Mon Jul 5 14:50:00 PDT 1999 > >Last-Modified: > >Originator: [EMAIL PROTECTED] > >Organization: > apache > >Release: 1.3.6 > >Environment: > uname -a: > Linux xxx.xxx.xxx.xxx 2.2.3 #8 SMP Wed Apr 7 16:12:59 CDT 1999 i686 unknown > > gcc --version: > 2.7.2.3 > > ldd httpd: > libm.so.5 => libm.so.5.0.9 > libcrypt.so.1 => libcrypt-2.0.7.so > libc.so.6 => libc-2.0.7.so > /lib/ld-linux.so.2 => ld-2.0.7.so > >Description: > Upgraded from 1.3.4 to 1.3.6 > Basic Authentication with one user in one group > User is never allowed access > > Nothing ever logged in either the Root Server or Virtual Host error log files > >How-To-Repeat: > (Not) working example currently at http://passwdtest.daughtkom.com/ > > Use Apache version 1.3.6 > > /usr/httpd/conf/httpd.conf: > # This is my configuration of compiled in modules > Alias /icons/ /usr/httpd/icons/ > IndexOptions FancyIndexing IconHeight IconWidth NameWidth=* > SuppressDescription > AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip > AddIconByType (TXT,/icons/text.gif) text/* > [more icons types] > AddIcon /icons/binary.gif .bin .exe > [more icons] > DefaultIcon /icons/unknown.gif > ReadmeName README > HeaderName HEADER > IndexIgnore .??* *~ *# HEADER* README* RCS > LogFormat "%h %l %u %t \"%r\" %>s %b" common > CustomLog /var/log/httpd/access_log common > TypesConfig /etc/mime.types > AddEncoding x-compress Z > AddEncoding x-gzip gz > AddLanguage en .en > # LanguagePriority en > AddType text/html .shtml > AddHandler server-parsed .shtml > AddHandler imap-file map > BrowserMatch "Mozilla/2" nokeepalive > [more browser matches] > > # These are my global settings > AccessConfig /dev/null > BindAddress * > ContentDigest off > CoreDumpDirectory /usr/httpd > DefaultType text/plain > DirectoryIndex index.html index.shtml > DocumentRoot /usr/httpd/html > ErrorLog /var/log/httpd/error_log > Group www > HostNameLookups off > IdentityCheck off > KeepAlive On > KeepAliveTimeout 15 > LogLevel crit > MaxClients 256 > MaxKeepAliveRequests 100 > MaxRequestsPerChild 0 > MaxSpareServers 10 > MinSpareServers 5 > PidFile /var/run/httpd.pid > Port 80 > ResourceConfig /dev/null > ScoreBoardFile /var/run/httpd.scoreboard > ServerAdmin [EMAIL PROTECTED] > ServerName localhost > ServerRoot /usr/httpd > ServerSignature Off > ServerTokens Minimal > ServerType standalone > StartServers 5 > TimeOut 300 > UseCanonicalName on > User www > <Directory /> > AllowOverride None > Deny from All > Order deny,allow > Options None > </Directory> > <Directory /usr/httpd/icons> > Allow from All > Order allow,deny > </Directory> > <Directory /usr/httpd/html> > Allow from All > Order allow,deny > </Directory> > > # And finally the virtual hosts > NameVirtualHost 216.178.140.50 > > <VirtualHost 216.178.140.50> > ServerName passwdtest.daughtkom.com > DocumentRoot /home/passwdtest/html > ServerAdmin [EMAIL PROTECTED] > LogFormat "%h %l %u %t \"%r\" %>s %b" common > CustomLog /home/passwdtest/var/log/access_log common > ErrorLog /home/passwdtest/var/log/error_log > <Directory /home/passwdtest/html> > Allow from All > Order allow,deny > </Directory> > <Directory /home/passwdtest/html/password_protected> > AuthGroupFile conf/group > AuthUserFile conf/passwd > AuthType Basic > AuthName "Test User" > require group test > </Directory> > </VirtualHost> > > /usr/httpd/conf/group: > test: test > > /usr/httpd/conf/passwd: > test:C284MBhj4uIVY > >Fix: > Fix or document what has changed from 1.3.4 to 1.3.6 regarding > authentication configuration. > > Thank you > >Audit-Trail: > >Unformatted: > [In order for any reply to be added to the PR database, you need] > [to include <[EMAIL PROTECTED]> in the Cc line and make sure the] > [subject line starts with the report component and number, with ] > [or without any 'Re:' prefixes (such as "general/1098:" or ] > ["Re: general/1098:"). If the subject doesn't match this ] > [pattern, your message will be misfiled and ignored. The ] > ["apbugs" address is not added to the Cc line of messages from ] > [the database automatically because of the potential for mail ] > [loops. If you do not include this Cc, your reply may be ig- ] > [nored unless you are responding to an explicit request from a ] > [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ] > > > >
