KevinReichard
07-17-2002, 03:21 PM
These talkbacks are in response to the article Using .htaccess Files with Apache (http://www.serverwatch.com/stypes/servers/article.php/1127711).
Evelio Martínez writes:
I have configure .htaccess for a directory and the window asking me for user/pass appears twice.
Why?
Mario responds:
Hi,
I had the same problem, and all is back right when I had insert a '/' caracter at the end of the path name.
Example:
if my directory is: "/web/users"
the right path is: "/web/users/" plus the '/'
I think there is a problem with the error returned by the server.
Terry C responds:
Try changing the url to http://domain.com instead of http://www.domain.com
I had the same problem.
roger strom
by turning UseCanonicalName in httpd.conf to Off i solved my problem...
Dave Brown
You're probably accessing a directory without including the trailing slash and the host name in the URL you provide is different from what's configured in httpd.conf. So the redirect response from the server points to a 'different' host than your originally authenticated request and so you need to re-authenticate.
Sandi writes:
Has anyone else experienced a problem using Internet Explorer 5.00 or 5.01 in which Apache forces users to authenticate twice with correct credentials? I do not get this problem in Netscape and have not seen any other htaccess problems besides this one, so I am assuming my configuration is correct.
An example scenario in which this problem occurs:
1. I give good username/good password -> asked to login again, error_log not updated
2. I give good username/good password -> successful login, error_log not updated
Another example scenario:
1. I give good username/good password -> asked to login again, error_log not updated
2. I give bad username/bad password -> asked to login again, appended to error_log is
... user sandih: authentication failure for "/ops/": password mismatch
... user poo not found: /ops/
3. I give good username/good password -> successful login
Any help or suggestions would be greatly appreciated
Sid Young responds:
I too have seen this..
The following is an example layout of the directory.
/opt/apache/htdocs/Secured <- has .htaccess
/opt/apache/htdocs/Secured/otherdirectory <- has no .htaccess
The "Secured" directory has a .htaccess file and the directories below it dont, but if I authenticate correctly then try and go to "otherdirectory" I get an authentication box again.
.htaccess file is below:
AuthUserFile /opt/apache/cgi-bin/.htpwd
AuthGroupFile /opt/apache/cgi-bin/.htgroups
AuthName "System Documentation"
AuthType Basic
order allow,deny
allow from all
require valid-user
Anyone got any ideas ?
Sandi responds:
I figured out the solution for this problem. It had nothing to do with .htaccess. I was using a relative URL to point to the directory to login to, but I forgot to include the trailing slash. So, that caused Apache to send a redirect to the client which forced him to authenticate twice.
Evelio Martínez writes:
I have configure .htaccess for a directory and the window asking me for user/pass appears twice.
Why?
Mario responds:
Hi,
I had the same problem, and all is back right when I had insert a '/' caracter at the end of the path name.
Example:
if my directory is: "/web/users"
the right path is: "/web/users/" plus the '/'
I think there is a problem with the error returned by the server.
Terry C responds:
Try changing the url to http://domain.com instead of http://www.domain.com
I had the same problem.
roger strom
by turning UseCanonicalName in httpd.conf to Off i solved my problem...
Dave Brown
You're probably accessing a directory without including the trailing slash and the host name in the URL you provide is different from what's configured in httpd.conf. So the redirect response from the server points to a 'different' host than your originally authenticated request and so you need to re-authenticate.
Sandi writes:
Has anyone else experienced a problem using Internet Explorer 5.00 or 5.01 in which Apache forces users to authenticate twice with correct credentials? I do not get this problem in Netscape and have not seen any other htaccess problems besides this one, so I am assuming my configuration is correct.
An example scenario in which this problem occurs:
1. I give good username/good password -> asked to login again, error_log not updated
2. I give good username/good password -> successful login, error_log not updated
Another example scenario:
1. I give good username/good password -> asked to login again, error_log not updated
2. I give bad username/bad password -> asked to login again, appended to error_log is
... user sandih: authentication failure for "/ops/": password mismatch
... user poo not found: /ops/
3. I give good username/good password -> successful login
Any help or suggestions would be greatly appreciated
Sid Young responds:
I too have seen this..
The following is an example layout of the directory.
/opt/apache/htdocs/Secured <- has .htaccess
/opt/apache/htdocs/Secured/otherdirectory <- has no .htaccess
The "Secured" directory has a .htaccess file and the directories below it dont, but if I authenticate correctly then try and go to "otherdirectory" I get an authentication box again.
.htaccess file is below:
AuthUserFile /opt/apache/cgi-bin/.htpwd
AuthGroupFile /opt/apache/cgi-bin/.htgroups
AuthName "System Documentation"
AuthType Basic
order allow,deny
allow from all
require valid-user
Anyone got any ideas ?
Sandi responds:
I figured out the solution for this problem. It had nothing to do with .htaccess. I was using a relative URL to point to the directory to login to, but I forgot to include the trailing slash. So, that caused Apache to send a redirect to the client which forced him to authenticate twice.