https://issues.apache.org/bugzilla/show_bug.cgi?id=55408
Bug ID: 55408
Summary: mod_auth directives are not respected in vhost
containers
Product: Apache httpd-2
Version: 2.4-HEAD
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_vhost_alias
Assignee: [email protected]
Reporter: [email protected]
Prequisites:
mod_auth_basic is enabled
mod_vhost_alias is enabled
You've created an .htpasswd file in /etc/apache2, with 1 user, "johndoe".
apache.conf
<Directory /var/www>
Require all granted
</Directory>
1 vhost is enabled:
/etc/apache2/sites-enabled/[000-site.conf -> ../sites-available/000-site.conf]
000-site.conf
<VirtualHost *:80>
ServerName site.com
ServerAlias *.site.com
VirtualDocumentRoot "/var/www/%0/public"
<Directory "/var/www/%0/public">
Options All
AllowOverride All
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthUserFile "/etc/apache2/.htpasswd"
Require user "johndoe"
</Directory>
</VirtualHost>
To test this configuration from your command line:
curl my.site.com
Result:
HTTP/1.1 200 OK
Expected:
HTTP/1.1 401 Unauthorized
To get around this odd behavior:
000-site.conf
<VirtualHost *:80>
ServerName site.com
ServerAlias *.site.com
VirtualDocumentRoot "/var/www/%0/public"
<Directory "/var/www">
Require all denied
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthUserFile "/etc/apache2/.htpasswd"
Require user "johndoe"
</Directory>
<Directory "/var/www/%0/public">
Options All
AllowOverride All
</Directory>
</VirtualHost>
Test:
curl my.site.com
Result:
HTTP/1.1 401 Unauthorized
Possibly related bugs:
https://issues.apache.org/bugzilla/show_bug.cgi?id=55392
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
