Authentication method by htaccess/htpasswd

Authentication method by htaccess/htpasswd

am 24.03.2010 14:57:58 von Wagner Pereira

Hi again.

I am gonna make the same question in an other way.

When I access the Rancid via cvsweb, from my computer, it is required
the user/password which I generated by htpasswd. That's right.

But, when I try to access it through other two different computers, that
authentication method is not required.

Below are my configuration files:

httpd.conf

======================

Order allow,deny
Deny from all
Satisfy All



Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order deny,allow
Deny from all
Allow from 10.0.0.1/255.255.255.0
Allow from 10.0.0.2/255.255.255.0

======================

..htaccess

======================
AuthName "Area Restrita - Entre com Login/Password"
AuthType Basic
AuthUserFile /var/www/cvsweb/.htpasswd
AuthGroupFile /dev/null

require valid-user

======================

--

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 15:06:15 von Libo Song

I don't know how to answer your question. But I saw your previous emails.
People who may know the problem were asking you for the log messages.
You'd better provide those log.

Best,
Libo

On Wed, Mar 24, 2010 at 9:57 AM, Wagner Pereira wr=
ote:
> Hi again.
>
> I am gonna make the same question in an other way.
>
> When I access the Rancid via cvsweb, from my computer, it is required the
> user/password which I generated by htpasswd. That's right.
>
> But, when I try to access it through other two different computers, that
> authentication method is not required.
>
> Below are my configuration files:
>
> httpd.conf
>
> ==================== ==
>
> Order allow,deny
> Deny from all
> Satisfy All
>

>
>
> Options Indexes FollowSymLinks MultiViews
> AllowOverride All
> Order deny,allow
> Deny from all
> Allow from 10.0.0.1/255.255.255.0
> Allow from 10.0.0.2/255.255.255.0
>

> ==================== ==
>
> .htaccess
>
> ==================== ==
> AuthName "Area Restrita - Entre com Login/Password"
> AuthType Basic
> AuthUserFile /var/www/cvsweb/.htpasswd
> AuthGroupFile /dev/null
>
> require valid-user
>

> ==================== ==
>
> --
>
> Wagner Pereira
>
> PoP-SP/RNP - Ponto de Presen=E7a da RNP em S=E3o Paulo
> CCE/USP - Centro de Computação Eletr=F4nica da Universidade de S=E3o =
Paulo
> http://www.pop-sp.rnp.br
> Tel. (11) 3091-8901
>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> =A0" =A0 from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 15:20:40 von Wagner Pereira

Good point, Libo.

What are these log files? If someone can tell me that, I'll provide
those, no doubt.

Hugs,

--

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901



Libo Song escreveu:
> I don't know how to answer your question. But I saw your previous emails.
> People who may know the problem were asking you for the log messages.
> You'd better provide those log.
>
> Best,
> Libo
>
> On Wed, Mar 24, 2010 at 9:57 AM, Wagner Pereira wrote:
>
>> Hi again.
>>
>> I am gonna make the same question in an other way.
>>
>> When I access the Rancid via cvsweb, from my computer, it is required the
>> user/password which I generated by htpasswd. That's right.
>>
>> But, when I try to access it through other two different computers, that
>> authentication method is not required.
>>
>> Below are my configuration files:
>>
>> httpd.conf
>>
>> ======================
>>
>> Order allow,deny
>> Deny from all
>> Satisfy All
>>

>>
>>
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride All
>> Order deny,allow
>> Deny from all
>> Allow from 10.0.0.1/255.255.255.0
>> Allow from 10.0.0.2/255.255.255.0
>>

>> ======================
>>
>> .htaccess
>>
>> ======================
>> AuthName "Area Restrita - Entre com Login/Password"
>> AuthType Basic
>> AuthUserFile /var/www/cvsweb/.htpasswd
>> AuthGroupFile /dev/null
>>
>> require valid-user
>>

>> ======================
>>
>> --
>>
>> Wagner Pereira
>>
>> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
>> CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
>> http://www.pop-sp.rnp.br
>> Tel. (11) 3091-8901
>>
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 15:24:55 von Libo Song

Usually it is at here: /usr/local/apache2/logs/error_log
You may have a different location. Check you installation.

Cheers,

On Wed, Mar 24, 2010 at 10:20 AM, Wagner Pereira w=
rote:
> Good point, Libo.
>
> What are these log files? If someone can tell me that, I'll provide those=
,
> no doubt.
>
> Hugs,
>
> --
>
> Wagner Pereira
>
> PoP-SP/RNP - Ponto de Presen=E7a da RNP em S=E3o Paulo
> CCE/USP - Centro de Computação Eletr=F4nica da Universidade de S=E3o =
Paulo
> http://www.pop-sp.rnp.br
> Tel. (11) 3091-8901
>
>
>
> Libo Song escreveu:
>>
>> I don't know how to answer your question. But I saw your previous emails=
..
>> People who may know the problem were asking you for the log messages.
>> You'd better provide those log.
>>
>> Best,
>> Libo
>>
>> On Wed, Mar 24, 2010 at 9:57 AM, Wagner Pereira
>> wrote:
>>
>>>
>>> Hi again.
>>>
>>> I am gonna make the same question in an other way.
>>>
>>> When I access the Rancid via cvsweb, from my computer, it is required t=
he
>>> user/password which I generated by htpasswd. That's right.
>>>
>>> But, when I try to access it through other two different computers, tha=
t
>>> authentication method is not required.
>>>
>>> Below are my configuration files:
>>>
>>> httpd.conf
>>>
>>> ==================== ==
>>>
>>> Order allow,deny
>>> Deny from all
>>> Satisfy All
>>>

>>>
>>>
>>> Options Indexes FollowSymLinks MultiViews
>>> AllowOverride All
>>> Order deny,allow
>>> Deny from all
>>> Allow from 10.0.0.1/255.255.255.0
>>> Allow from 10.0.0.2/255.255.255.0
>>>

>>> ==================== ==
>>>
>>> .htaccess
>>>
>>> ==================== ==
>>> AuthName "Area Restrita - Entre com Login/Password"
>>> AuthType Basic
>>> AuthUserFile /var/www/cvsweb/.htpasswd
>>> AuthGroupFile /dev/null
>>>
>>> require valid-user
>>>

>>> ==================== ==
>>>
>>> --
>>>
>>> Wagner Pereira
>>>
>>> PoP-SP/RNP - Ponto de Presen=E7a da RNP em S=E3o Paulo
>>> CCE/USP - Centro de Computação Eletr=F4nica da Universidade de S=E3=
o Paulo
>>> http://www.pop-sp.rnp.br
>>> Tel. (11) 3091-8901
>>>
>>>
>>> ------------------------------------------------------------ ---------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> =A0" =A0 from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>>
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Projec=
t.
>> See for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> =A0 " =A0 from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> =A0" =A0 from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 15:44:40 von Tom Evans

On Wed, Mar 24, 2010 at 2:20 PM, Wagner Pereira wrote:
> Good point, Libo.
>
> What are these log files? If someone can tell me that, I'll provide those,
> no doubt.
>
> Hugs,
>
> --
>
> Wagner Pereira
>

In one of your other 10 or so threads, you posted these logs:

[Tue Mar 23 18:25:46 2010] [error] [client 10.0.0.2] (13)Permission
denied: Could not open password file: /var/www/cvsweb/.htpasswd,
referer: http://100.10.10.1/cgi-bin/cvsweb/
[Tue Mar 23 18:25:46 2010] [error] [client 10.0.0.2] (13)Permission
denied: Could not open password file: /var/www/cvsweb/.htpasswd,
referer: http://100.10.10.1/cgi-bin/cvsweb/

Have you fixed that problem?

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 15:50:33 von Eric Covener

> When I access the Rancid via cvsweb, from my computer, it is required the
> user/password which I generated by htpasswd. That's right.
>
> But, when I try to access it through other two different computers, that
> authentication method is not required.
>

"Satisfy all"?

> Allow from 10.0.0.1/255.255.255.0
> Allow from 10.0.0.2/255.255.255.0

This is odd on a number of levels, try using individual IP addresses
to simplify or look at the examples in the manual.

Please do not create additional unnecessary threads.

--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Win32 Binary for Apache 1.3.42

am 24.03.2010 15:53:33 von Michelle.Du

Hello All,

Please help! Does anybody know where I can get the Win32 binary for Apache =
1.3.42?

Thanks in advance!
Michelle


This e-mail transmission may contain information that is proprietary, privi=
leged and/or confidential and is intended exclusively for the person(s) to =
whom it is addressed. Any use, copying, retention or disclosure by any pers=
on other than the intended recipient or the intended recipient's designees =
is strictly prohibited. If you are the intended recipient, you must treat t=
he information in confidence and in accordance with all laws related to the=
privacy and confidentiality of such information. If you are not the inten=
ded recipient or their designee, please notify the sender immediately by re=
turn e-mail and delete all copies of this email, including all attachments.

Intervoice, Inc. 17811 Waterview Parkway Dallas, TX 75252 USA

Intervoice Limited, Registered in England and Wales with number 2601740, 50=
Park Road, Gatley, Cheshire, SK8 4HZ. VAT Number: 560421375

Intervoice GmbH, Hagenauer Stra?e 55, 65203 Wiesbaden, Sitz der Gesellschaf=
t: Wiesbaden, Handelsregister: HRB 8186 (Amtsgericht Wiesbaden), Gesch?ftsf=
?hrer: Wayne Barclay, Steffen Selbmann

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Win32 Binary for Apache 1.3.42

am 24.03.2010 16:00:00 von Tom Evans

On Wed, Mar 24, 2010 at 2:53 PM, Du, Michelle wrote:
> Hello All,
>
> Please help! Does anybody know where I can get the Win32 binary for Apache 1.3.42?
>
> Thanks in advance!
> Michelle
>
>

It should be here -
http://archive.apache.org/dist/httpd/binaries/win32/ - but it isn't,
dunno why.

You really really should not be using httpd 1.3 on windows, it has
some major flaws on windows. The 2.2 version runs significantly better
on windows than 1.3

Cheers

Tom

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: Win32 Binary for Apache 1.3.42

am 24.03.2010 16:13:47 von Michelle.Du

Thanks, Tom, for your reply!

We do plan to update to Apache 2.2 later this year, but couldn't at this mo=
ment.

Michelle

-----Original Message-----
From: Tom Evans [mailto:tevans.uk@googlemail.com]
Sent: Wednesday, March 24, 2010 10:00 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Win32 Binary for Apache 1.3.42

On Wed, Mar 24, 2010 at 2:53 PM, Du, Michelle w=
rote:
> Hello All,
>
> Please help! Does anybody know where I can get the Win32 binary for Apach=
e 1.3.42?
>
> Thanks in advance!
> Michelle
>
>

It should be here -
http://archive.apache.org/dist/httpd/binaries/win32/ - but it isn't,
dunno why.

You really really should not be using httpd 1.3 on windows, it has
some major flaws on windows. The 2.2 version runs significantly better
on windows than 1.3

Cheers

Tom

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


This e-mail transmission may contain information that is proprietary, privi=
leged and/or confidential and is intended exclusively for the person(s) to =
whom it is addressed. Any use, copying, retention or disclosure by any pers=
on other than the intended recipient or the intended recipient's designees =
is strictly prohibited. If you are the intended recipient, you must treat t=
he information in confidence and in accordance with all laws related to the=
privacy and confidentiality of such information. If you are not the inten=
ded recipient or their designee, please notify the sender immediately by re=
turn e-mail and delete all copies of this email, including all attachments.

Intervoice, Inc. 17811 Waterview Parkway Dallas, TX 75252 USA

Intervoice Limited, Registered in England and Wales with number 2601740, 50=
Park Road, Gatley, Cheshire, SK8 4HZ. VAT Number: 560421375

Intervoice GmbH, Hagenauer Stra?e 55, 65203 Wiesbaden, Sitz der Gesellschaf=
t: Wiesbaden, Handelsregister: HRB 8186 (Amtsgericht Wiesbaden), Gesch?ftsf=
?hrer: Wayne Barclay, Steffen Selbmann

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Authentication method by htaccess/htpasswd

am 24.03.2010 16:30:08 von Wagner Pereira

** Thanks, Libo.

Eric (and Tom Evans),

I changed my httpd.conf. Now it is as follows:

Allow from [ip_01]/32
Allow from [ip_02]/32

Then I tried to access the Rancid, via browser, from my computer
[ip_01]. User/Pass were required. Nice!

But, when I tried to access it from the other computer [ip_02] either
user and password weren't required.

Below it is my Apache log (what is weird, because I am able to access
the Rancid via cvsweb, although this (13)Permission denied).

error.log
==============
[Wed Mar 24 12:19:15 2010] [error] [client ip_01] (13)Permission denied:
Could not open password file: /var/www/cvsweb/.htpasswd, referer:
http://ip_rancid_server/cgi-bin/cvsweb/
[Wed Mar 24 12:19:15 2010] [error] [client ip_01] (13)Permission denied:
Could not open password file: /var/www/cvsweb/.htpasswd, referer:
http://ip_rancid_server/cgi-bin/cvsweb/
[Wed Mar 24 12:19:18 2010] [error] [client ip_01] File does not exist:
/var/www/favicon.ico
==============

--

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901



Eric Covener escreveu:
>> When I access the Rancid via cvsweb, from my computer, it is required the
>> user/password which I generated by htpasswd. That's right.
>>
>> But, when I try to access it through other two different computers, that
>> authentication method is not required.
>>
>>
>
> "Satisfy all"?
>
>
>> Allow from 10.0.0.1/255.255.255.0
>> Allow from 10.0.0.2/255.255.255.0
>>
>
> This is odd on a number of levels, try using individual IP addresses
> to simplify or look at the examples in the manual.
>
> Please do not create additional unnecessary threads.
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org