Wednesday, January 26, 2011

.htaccess authorization requiring username/password for every resource

I am using Apache2 on Ubuntu and I am having some "weird" user authorization issues. I am using .htaccess to control access to my directories. I have many users and have grouped them into user groups which are defined in a "group" file. I then use .htaccess within each directory to define which users have access to the directory and which do not. Here is an example .htaccess file.

AuthUserFile /var/local/.htpasswd
AuthGroupFile /var/local/groups
AuthName "Username and Password Required"
AuthType Basic

require group design admin

Everything is working with one exception. I added a new user to one of my groups, and though they can gain access to the directory, they are prompted for a username and password for every resource (i.e. image, CSS). After a while I can just keep selecting "cancel" and I will get a page with just HTML with no images or CSS. I would think the browser would just cache the username/password. It seems to be working well for other users. Any thoughts?

  • This sounds like a client issue. Can you reproduce the issue between multiple browsers and PCs?

    webworm : I am only able to test with my computer but I can reproduce the issue from both Firefox and IE8. I have done some more testing and I can confirm that the user is being authenticated. If I try to access the protected area with a "junk" username and password I do not get access to any content at all. However, if I use a username and password for a "real" user that has permissions to the directory then they are able to load the background but then are prompted again for the username and password. Also, I find that if I move the user to the "admin" group they are able to gain access without issue.
    From Warner
  • It almost sounds like

    require group design admin

    is requiring the user to be a member of both groups or the group file is not set up correctly.

    design: usera userb userc
    admin: userd usere

    No commas in the group file (this is different than the format for /etc/group)

    LogLevel warn (possibly debug)

    and watching your error log may give you a little more insight.

    webworm : Thank you very much. Good suggestion.
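
A way to check a group file against the points in the answer above. This is an added example, not code from the original posts: the function names and both sample files are constructed, and it assumes members are whitespace-separated, as the answer states. It also shows that `require group design admin` is satisfied by membership in any one of the listed groups.

```python
# Added example: lint an AuthGroupFile and evaluate "require group ..." for a user.
# Sample data below is constructed for illustration.

GOOD_SAMPLE = "design: usera userb userc\nadmin: userd usere\n"
# Same file written /etc/group-style, with commas between members.
BAD_SAMPLE = "design: usera, userb, newuser\nadmin: userd usere\n"
REQUIRED = ["design", "admin"]  # from: require group design admin


def parse_group_file(text):
    """Return ({group: set(members)}, [warnings]) for AuthGroupFile-style text."""
    groups, warnings = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are skipped
        if ":" not in line:
            warnings.append(f"line {lineno}: missing 'group:' prefix")
            continue
        name, _, rest = line.partition(":")
        members = rest.split()  # members are separated by whitespace only
        for member in members:
            if "," in member:
                # The comma stays part of the name, so "usera," never
                # matches the authenticated user "usera".
                warnings.append(f"line {lineno}: comma in member {member!r}")
        groups.setdefault(name.strip(), set()).update(members)
    return groups, warnings


def groups_of(user, groups):
    """List the groups that contain exactly this username."""
    return sorted(g for g, members in groups.items() if user in members)


def require_group_allows(user, required, groups):
    """True if the user is in ANY of the required groups (not all of them)."""
    return any(user in groups.get(g, ()) for g in required)


if __name__ == "__main__":
    for label, sample in (("good", GOOD_SAMPLE), ("bad", BAD_SAMPLE)):
        groups, warnings = parse_group_file(sample)
        print(label, "warnings:", warnings)
        for user in ("usera", "userd", "newuser"):
            print(" ", user, groups_of(user, groups),
                  require_group_allows(user, REQUIRED, groups))
```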
