On 05/27/15 22:42, Yegor Timoschenko wrote: >> How does the httpd "authenticate" option work? from httpd.conf(5): >> [no] authenticate [realm] with htpasswd >> Authenticate a remote user for realm by checking the credentials >> against the user authentication file htpasswd. The file name is >> relative to the chroot and must be readable by the www user. Use >> the no authenticate directive to disable authentication in a >> location. >> >> what's "realm"? It shows up twice in the man page, both times in that >> paragraph. Googling was not overly productive due to that other web >> server that also uses the file name "httpd.conf" and htpasswd. :-/ > > Check RFC 2617: > http://tools.ietf.org/html/rfc2617#page-3 > > Or just Google it via "http realm" query and check Stack Overflow: > > http://stackoverflow.com/questions/12701085/what-is-the-realm-in-basic-authentication
oh standard term, eh? whooda thunk? Well, obviously you, obviously not me. :-/ >> What I'm trying to do is have one user/pw protected directory on a web >> server. Most of the server is open to all (and of interest to very >> few), but this one directory should be letting basically no one in >> without authentication. > > No prob, just follow the instructions. I've just tested them on OpenBSD 5.7 > release. gah. Knew it would be easy. Your sample works, mine had the 'location "/*"' before the 'location "/priv/*", and apparently it's "first match", not "last match" (or most specific or ...). Swapping the order of my "location" statements (or as you did, just leaving the root one out) solved my problem. (and for a few other related reasons, my example config was pretty dumb, so thanks for deleting my example!). > > P.S: I believe httpd should say something explicitly if it fails to load > htpasswd file. > Currently it just silently fails. Should be at least a warning. send diff. :D But yeah, I found lots of ways to make errors and get unexpected results from those errors. On the other hand, the apache config file and I never were best of buddies, either. Thanks! Nick.
