On Sat, 16 Sep 2017 08:35:59 -0400,
"tec...@protonmail.com" <tec...@protonmail.com> wrote:

> You are a legend.  Got it working with that!
> 
> Thank you so much, saved me a bigger headache!
> 
> p.s. Still, looking at the man page that really is not obvious where
> it mentions [realm] and [htpasswd].  

What's wrong with the manpage?

   [no] authenticate [realm] with htpasswd 
           Authenticate a remote user for realm by checking the
           credentials against the user authentication file htpasswd.
           The file name is relative to the chroot and must be
           readable by the www user. Use the no authenticate directive
           to disable authentication in a location.



> I read it totally differently, that the htpasswd is a location to a
> file and not just a declaration to look for a file in the current dir
> named htpasswd etc.  

The htpasswd IS a file:
  location "/*" { authenticate with "/htpasswd" }

In this example the password file is named "htpasswd" and is in /var/www
(note that httpd(8) is chrooted by default).



> I wonder where "Secure Area" came from too,
> 'realm' is mentioned but I had not a clue what it even was.  I still
> don't.

From RFC 1945 (HTTP/1.0) and RFC 2617 (HTTP Authentication referenced
by HTTP/1.1):
The realm attribute (case-insensitive) is required for all
authentication schemes which issue a challenge. The realm value
(case-sensitive), in combination with the canonical root URL of the
server being accessed, defines the protection space. These realms allow
the protected resources on a server to be partitioned into a set of
protection spaces, each with its own authentication scheme and/or
authorization database. The realm value is a string, generally assigned
by the origin server, which may have additional semantics specific to
the authentication scheme.

In short, pages in the same realm should share credentials. If your
credentials work for a page with the realm "My Realm", it should be
assumed that the same username and password combination should work for
another page with the same realm.



>  I cannot stand the man page for httpd.conf - so much
> frustration for me.

If you have concrete questions then ask.
My experience is that someone on the list will try to help.
But by now: ... what is your question?



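An added illustration, not part of the original message and not httpd's own parser: this Python sketch reads the directive the way the quoted man page grammar describes it (optional realm, then the htpasswd file name) and maps that name to its path under the chroot. The function names, the `None` returned for an omitted realm, and the use of the Basic scheme from RFC 2617 for the challenge are assumptions of the example.

```python
import posixpath
import re
import shlex

CHROOT = "/var/www"  # chroot directory named in the thread


def parse_authenticate(directive):
    """Parse '[no] authenticate [realm] with htpasswd'.

    Returns None for 'no authenticate', else (realm, htpasswd);
    realm is None when the optional realm is omitted.
    """
    tokens = shlex.split(directive)  # honours the double-quoted strings
    if tokens == ["no", "authenticate"]:
        return None
    if tokens[:1] == ["authenticate"] and tokens[-2:-1] == ["with"]:
        if len(tokens) == 3:
            return None, tokens[2]
        if len(tokens) == 4:
            return tokens[1], tokens[3]
    raise ValueError("not an authenticate directive: %r" % directive)


def location_body(line):
    """Return the text between the braces of a one-line location block."""
    match = re.search(r"\{(.*)\}", line)
    if match is None:
        raise ValueError("no { ... } block in %r" % line)
    return match.group(1).strip()


def on_disk_path(htpasswd, chroot=CHROOT):
    """Map the configured file name to the path on the host filesystem."""
    # Inside a chroot, '..' cannot climb above '/', so normalise first.
    inside = posixpath.normpath("/" + htpasswd.lstrip("/"))
    return chroot.rstrip("/") + inside


def basic_challenge(realm):
    """WWW-Authenticate value for the Basic scheme of RFC 2617."""
    return 'Basic realm="%s"' % realm.replace('"', '\\"')


if __name__ == "__main__":
    # The location line quoted in the message above.
    line = 'location "/*" { authenticate with "/htpasswd" }'
    realm, name = parse_authenticate(location_body(line))
    print(realm, name, on_disk_path(name))
    print(basic_challenge("My Realm"))
```
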