Hi,
I have mod_ssl-2.3.5.-1.3.6 running on apache-1.3.6 with openSSL-0.9.3a
(all the latest stuff as far as I'm aware) running on RedHat 5.2
I have a discussion board that I'm trying to enable user-authentication
on, but I can't seem to get my SSL-enabled web site to recognize my
.htaccess files. I have created the same discussion site with the same
.htaccess files in a non-SSL part of my web site and it works; a popup
window prompts the user for name and password when they try to access
the discussion board. When I access the discussion board on the
SSL-enabled site, it just goes straight into the site without the popup
appearing.
Here's my .htaccess file:
--------------
AuthUserFile /home/.htpasswd
AuthGroupFile /home/.htgroup
AuthName "Restricted Forum"
AuthType Basic
require group it-team
--------------
Here's my httpd.conf file (only the uncommented SSL stuff):
--------------
<IfDefine SSL>
<VirtualHost _default_:443>
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/ursa.cer
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/ursa.key
SSLOptions +FakeBasicAuth
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /etc/httpd/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
--------------
I thought using the FakeBasicAuth option would do it, but it's not
working. Do I need to use the SSLRequire directive? It seemed too
complicated for a newbie like me to tackle.
I've looked through the manual and searched the mailing list but I
haven't been able to find a solution that works for me. Do you have any
ideas?
Thanks!
Jim Tay
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
