>Number: 5241 >Category: mod_auth-any >Synopsis: .htaccess asks for the user's password twice >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Nov 3 10:00:05 PST 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.4-9 >Environment: uname -a: Linux marley.zenox.dhs.org 2.2.5-22 #1 Wed Jun 2 09:17:03 EDT 1999 i686 unknown
Running RedHat 6.0. Apache installed from tarball and linked with PHP3.0.12 >Description: I am using the following .htaccess file: --------------------------------------- AuthUserFile /etc/shadow AuthGroupFile /usr/local/apache/staff AuthName "Zenox Staff Only" AuthType Basic require valid-user --------------------------- The browser, be it NN or MSIE, always asks the user to input his password twice. >How-To-Repeat: You are not in my password file, but recreation of the problem on your system should be easy? Apache is linked with PHP (which is linked with MySQL and gd1.5) >Fix: I have not found one yet. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, you need] [to include <[EMAIL PROTECTED]> in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
