Problem with apache directory protection

Problem with apache directory protection

Post by Wong Ee Sin » Thu, 07 Dec 1995 04:00:00



I am trying to set up www-cal ( incidentally, a great utility for calendering
found at http://www.eol.ists.ca/~dunlop/  ). The thing is that I am trying to
protect the directory from the http method POST only! GET should still work.
This allow admin staff to update calendar and other users may only browse.

My .htaccess file looks like this in /home/WWW/www-cal/

AuthUserFile /etc/httpd/conf/.htpasswd
AuthGroupFile /dev/null
AuthName www-cal
AuthType Basic

<Limit POST>
require valid-user
</Limit>

The file .htpasswd was created using the htpasswd program from apache with a
single user. Using the above produces a login dialog box and I always fail to
login no matter what. The access.conf was set protects the same directory but
only with the following statement
<Directory /home/WWW/www-cal>
.
. (some other stuff)
.
<Limit GET>
order allow,deny
allow from all
</Limit>
</Directory>

I've also tried various other combinations. IN fact, lots of it and only
<Limit GET> works but that forces everyone to login when only admin should be
asked to key password when attempting to change the calendar via POST. Using
<Limit GET POST> also works but does not help really. Putting two statements
with

<Limit POST>
require valid-user
</Limit>

<Limit GET>
order allow,deny
allow from all
</Limit>

cannot work since now it ask for password on entry and will always fail
to login!(As the first case). I've also tried removing .htaccess and using the
global access.conf to protect the directory concerned which is
"/home/WWW/www-cal" directly below my document root of "/home/WWW"
but that gives the same symptom as again the first case. Things are really weird
here. It's getting really weird here. I've even tried removing the section under
access.conf refering to the same directory so that no conflict is possible.
Still no cigar. The server isn't broken since <Limit GET> works fine.
Has anyone tried the same thing before? PLease help! Thank you.

regards,
Ee Sing

 
 
 

1. directory protection ina apache

I need to configure my apache server so that this will not occur.

when in a browser I put the url of the directory i will get a listing of
all the files in that directory.  I do not want this listing to occur.
What if any parameter must I change for this to occur.

Thanks

Richard

Sent via Deja.com http://www.deja.com/
Before you buy.

2. 4.3 BSD driver for TK50 tape drive

3. directory protection under apache server

4. Module support for aha152x

5. Apache 1.1.1 layered directory protection

6. sweet success -disktab/disklabel lose their mystery!

7. Netscape Server Directory Protection Problem????

8. The Complete FreeBSD

9. Netscape Server Directory Protection Problem???

10. directory password protection - .htaccess

11. directory owner/protection

12. Question about Directory Protection

13. htaccess protection on a directory in cgi-bin