Mailinglist Archive: opensuse-security (332 mails)
| < Previous | Next > |
Re: [suse-security] Apache User Authentication
- From: Armin Schoech <schoech@xxxxxxxxxxxx>
- Date: Fri, 10 Sep 2004 08:14:33 +0000 (GMT)
- Message-id: <Pine.LNX.4.58.0409100813580.659@xxxxxxxxxxxxxxxxxxxxx>
Hi Eric,
> I am trying to setup user authentication on my SUSE 9.0 box and I keep=20
> running into 500 errors, or the username and password will not work in=20
> the pop up window. The errors I get in the logs are:
>=20
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] (2)No such=20
> file or directory: Could not open password file: /etc/apache/.htaccess
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] user admin not=
=20
> found: /
>
--> Just a thought: have you check the ownership and access rights of
/etc/apache/.htaccess ?
On my SuSE 9.0 system, the process "httpd" runs as user "wwwrun". So=20
/etc/apache/.htaccess should be readable by user "wwwrun" and probably=20
not by anyone else (to protect from local users).
HTH,
Armin
--=20
Am Hasenberg 26 office: Institut f=FCr Atmosph=E4renphysik
D-18209 Bad Doberan Schloss-Stra=DFe 6
Tel. ++49-(0)38203/42137 D-18225 K=FChlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
> I am trying to setup user authentication on my SUSE 9.0 box and I keep=20
> running into 500 errors, or the username and password will not work in=20
> the pop up window. The errors I get in the logs are:
>=20
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] (2)No such=20
> file or directory: Could not open password file: /etc/apache/.htaccess
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] user admin not=
=20
> found: /
>
--> Just a thought: have you check the ownership and access rights of
/etc/apache/.htaccess ?
On my SuSE 9.0 system, the process "httpd" runs as user "wwwrun". So=20
/etc/apache/.htaccess should be readable by user "wwwrun" and probably=20
not by anyone else (to protect from local users).
HTH,
Armin
--=20
Am Hasenberg 26 office: Institut f=FCr Atmosph=E4renphysik
D-18209 Bad Doberan Schloss-Stra=DFe 6
Tel. ++49-(0)38203/42137 D-18225 K=FChlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
| < Previous | Next > |