[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
Thanks. Moving this bug to shibboleth-sp2 then. ** Package changed: apache2 (Ubuntu) => shibboleth-sp2 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shibboleth-sp2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
I wanted to check this modification After "a2dismod shib2" and service apache2 restart, require valid-user is OK !! So a loaded mod-shib2 produces the problem -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
In order to verify this bug we installed a new ubuntu 14.04 server including apache 2.4.7 i.e. no configuration update necessary. And indeed the following configuration works as expected: AuthType Basic AuthName "Restricted Files" AuthBasicProvider file AuthUserFile /path/to/file/.htpasswd require valid-user The problem mentioned above (i.e. no access to the restricted ressource despite using the appropriate credentials) only occurs when mod_shib is enabled. So far so good but we need mod_shib. I will try to get some more information from our shibboleth specialists. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
I have changed the configuration between 2.2 and 2.4, but the following definition with require valid-user should work. AuthType Basic AuthName "Icinga Access3" AuthBasicProvider file AuthUserFile /etc/icinga/htpasswd.users Require user kornexl .. #Require valid-user If i uncomment the valid-user and comment the above "require user" line the error occours Both require directives come from authz_core. All users in htpasswd.users get authorized if listed in the "require user" line, but noone is authorized with only "require valid-user" active. The htpasswd.users can't be invalid Compiled in modules: core.c mod_so.c mod_watchdog.c http_core.c mod_log_config.c mod_logio.c mod_version.c mod_unixd.c The following modules (from Ubuntu 14.04 LTS) are loaded Loaded Modules: core_module (static) so_module (static) watchdog_module (static) http_module (static) log_config_module (static) logio_module (static) version_module (static) unixd_module (static) alias_module (shared) auth_basic_module (shared) authn_core_module (shared) authn_file_module (shared) authz_core_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) filter_module (shared) mime_module (shared) mpm_prefork_module (shared) negotiation_module (shared) php5_module (shared) proxy_module (shared) proxy_ajp_module (shared) reqtimeout_module (shared) rewrite_module (shared) setenvif_module (shared) mod_shib (shared) socache_shmcb_module (shared) ssl_module (shared) status_module (shared) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
** Changed in: apache2 (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
Please can you confirm that you've read and understood the authorization-related configuration directive changes between 2.2 and 2.4 as documented in http://httpd.apache.org/docs/2.4/upgrading.html and http://httpd.apache.org/docs/2.4/howto/auth.html? There are mandatory configuration changes needed here; it is not automatic. If you have updated your configuration according to these documents but still have a problem, then please re-phrase your report in terms of the 2.4 documentation, since the keeping the same 2.2 configuration in 2.4 is expected and documented to break, and thus is not a bug. Once you've responded, please change the bug status back to New. ** Changed in: apache2 (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
We have exactly the same problem here using apache 2.4.7 on Ubuntu 14.04. The following configuration does not work i.e. i could not access the restricted ressource: AuthType Basic AuthName "Restricted Files" AuthBasicProvider file AuthUserFile /path/to/file/.htpasswd require valid-user If I use "require user jfoe" I can access the ressource: AuthType Basic AuthName "Restricted Files" AuthBasicProvider file AuthUserFile /path/to/file/.htpasswd require user jdoe The same is true if I use AuthBasicProvider ldap instead of file. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
This system was upgraded by do-release-upgrade from 12.04 LTS -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1358284] Re: apache 2.4.7 does not respect valid-user
** Tags added: trusty ** Package changed: ubuntu => apache (Ubuntu) ** Package changed: apache (Ubuntu) => apache2 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1358284 Title: apache 2.4.7 does not respect valid-user To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358284/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs