Problem with configuring apache for authentication...

Got problems with Bubba? Then this forum is for you.
Locked
dengamle
Posts: 19
Joined: 05 Jan 2007, 20:14

Problem with configuring apache for authentication...

Post by dengamle » 13 Jan 2007, 22:55

Hi,

I have managed to get SPGM photo gallery up and running just fine now (referring to post http://excito.org/forum/viewtopic.php?t=10), but now I have another problem :)

First of all, I don't have a lot of experience in this area, so I might have overlooked something elementary here, but:

I want to be able to restrict access to my photo galleries on my bubba, so that only authenticated users are able to access these files.

According to

http://httpd.apache.org/docs/2.0/howto/auth.html

this should be easily accomplished by first creating a password file and then by either adding a .htaccess file to the directory in question or modifying httpd.conf.

My .htaccess file looks like this:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/apache2/passwd/passwords
Require user galleryguest

where the file /etc/apache2/passwd/passwords was created using htpasswd.

I have tried both methods (and also tried adding a <Directory /home/web/photogallery/>-directive to apache2.conf at the bottom) but without luck. Inspecting the /var/log/apache/error.log after restarting the webserver reveals no errors. This is what my error.log looks like after a restart:

[Sun Jan 14 03:09:34 2007] [notice] caught SIGTERM, shutting down
[Sun Jan 14 03:09:53 2007] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sun Jan 14 03:10:07 2007] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sun Jan 14 03:10:07 2007] [notice] Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e configured -- resuming normal operations

And I guess the 2 warnings don't have anything to do with this. Are there some important modules (mod_auth or something?) that aren't loaded, so that the directives that I specified just "fail silently"?

Hoping some of you guys can shed some light on this.

Note: what actually happens now, when I try to access my gallery, is just that I am able to access the files without being asked for any user credentials...

/dengamle.

pa
Posts: 308
Joined: 06 Dec 2006, 04:38
Location: Sweden
Contact:

Post by pa » 14 Jan 2007, 15:17

To get "basic authentication" to work on bubba, one will have to allow this in the configuration for apache.
The change needed is in "/etc/apache2/sites-available/bubba" is the following:
"
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride AuthConfig
Order allow,deny
allow from all
</Directory>
"
This is the only configuration file that needs to be changed. Note that the directory /var/www/html is loopback mounted on /home/web, so these are the same.
Note also that the change shall be in two places in the file, one for http (port 80) and one for https (port 443).

/PA

dengamle
Posts: 19
Joined: 05 Jan 2007, 20:14

Post by dengamle » 15 Jan 2007, 17:09

Thank you very much pa!

That helped me a lot and I went for the solution without .htaccess files just to remove the small amount of overhead in looking for files in several directories.

-Works like a charm :)

/DenGamle.

pa
Posts: 308
Joined: 06 Dec 2006, 04:38
Location: Sweden
Contact:

Post by pa » 16 Jan 2007, 04:54

Can you post your configs for no ".htaccess solution"?

Others might be interested in that solution as well.

/PA

dengamle
Posts: 19
Joined: 05 Jan 2007, 20:14

Post by dengamle » 17 Jan 2007, 17:00

Hi again,

Yes, I'll post my settings here as soon as possible, but unfortunately I don't have the time for it right now.

[EDIT]:
Here are my settings:

I just created a file (/etc/apache2/passwd/passwords) containing a password for a user called 'galleryguest' using the commandline tool htpasswd.

Then I just inserted the following into the file /etc/apache2/sites-available/bubba :

<Directory /var/www/html/photo-albums/>
AuthType Basic
AuthName "Restricted files"
AuthUserFile /etc/apache2/passwd/passwords
Require user galleryguest
</Directory>

this should be placed in both the site at port 443 and 80.

And now whenever I try to access files from the directory /var/www/html/photo-albums/ (or /home/web/photo-albums/) or below that, I'll be asked for a username and password. Username, in my case, should be 'galleryguest' and password the one given to 'htpasswd'-command.

Hope this might help someone.

/DenGamle.

lelle
Posts: 69
Joined: 02 Jan 2007, 20:25
Location: Stockholm, Sweden

Post by lelle » 18 Jan 2007, 19:26

dengamle: Thanks for the feedback!

dano
Posts: 1
Joined: 28 Jun 2008, 21:08

Post by dano » 23 Jul 2008, 07:38

Hello!
I have a question about the directory: "etc/apache2/sites-available/".

There is two files in that directory: "bubba" and "default". What do they refer to? My guess is that "default" good when no other are suitable. But what about "bubba"?

I've two Bubba-servers in my local network. One for safe and one for playing/learning. This one for playing/learning is named to "allan". So when I browse to http://allan/, this server respond. I have a web project where I really need ".htaccess" working. Should I edit "default"- or "bubba"- file? Or create a "allan"- file?

My attention was to edit and add somthing like.

ErrorDocument 404 /test/

In the /var/www/html/test/ directory.


Pleas help me to solve this out.

BR,
/dano

Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Post by Eek » 24 Jul 2008, 02:08

Hi

In the sites-available directory the available configs are listed.
In the sites-enables directory the actual enabled configs are listed.
There you can see that only the bubba config is enabled.
You can create your own config and test your stuff.
As a fast start you can copy the bubba config to allan, change the ports and enable the site.
(see also an example in the Appendix: Expose to the outside in post: http://forum.excito.net//viewtopic.php?t=854 )
cheers
Eek

Locked