Problems w/ Directory Indexing and Basic Auth in apache 2.0

Problems w/ Directory Indexing and Basic Auth in apache 2.0

Post by Kevi » Sun, 19 Jan 2003 03:40:13



I recently updated Apache 1.3 to 2.0 and I'm seeing some strange
behavior with the directory listings. In my doc root, I have two
directories.

public/
private/

I setup private to use BaseAuth using a .htaccess file and public does
not have
a .htaccess file.

Now, If I type in http://localhost/ the directory listing show just
public. If I then hit http://localhost/private I get the password
prompt. I enter the password in correctly and I see the contents of
private. Now the confusing part is
sometimes after I've logged in, if I go back to http://localhost it
shows both public and private. Its almost like, the directory listing
checks to see if you
have access to the directoies before listing them.

So my question is, how do I make private always show up in the
directory listing. If I remove the .htaccess file it will show up but
then it won't be secured. This was also working perfectly in 1.3.

Any ideas?
--kevin

 
 
 

1. Directory Indexing With Basic Auth

I've just upgrade my Apache httpd from 1.3 to 2.0.40 and I'm found one
strange problem. In 2.0.40 when I setup a AuthType Basic the directory
listing's don't show the directory until after you enter the
user/password.  How do I shut this off?

The issues is I want to be able to see all public/secure directories,
then click on one and be prompted if it is secure. This was the
behavoir in 1.3.

Any ideas on how to make this happen?

Thanks,
Kevin

2. Linux apache web server

3. Apache auth & deb auth problem?

4. FTP without password or username?

5. problem with basic authentication on apache 2.0 Error 401

6. Apache 1.3.9 "Frontpage" extensions.

7. Auto-indexing problem in Apache user directories.

8. Solaris System Info

9. Apache SSL / Basic auth

10. Apache --> Tomcat Auth Basic header forwarding

11. Apache: too many users in one group (Basic auth)

12. apache + php + basic auth => password theft => solutions?

13. Apache & redirect upon basic auth cancel button