I'm trying to get mod_auth_mysql working on a FreeBSD 4.10 server running apache 2.0.54.
When the below configuration is entered in httpd.conf and the directory is accessed via the main servers host name, mod_auth_mysql works great. However, when I use the same configuration in a .htaccess under one of our virtual hosts (virtual hosting is done via mod_rewrite), I get the following error in the error log:
user test not found: /hostlist/hostlist.php
If I put an invalid database/table/user name in the configuration, I don't get a mysql error, I just keep getting this same error. This leads me to believe that the mod_auth_mysql module isn't even being used.
The only thing I can think of is that your HTTPD isn't set up to handle .htaccess files.
To recognize authorization overrides in the .htaccess file, you need to have AllowOverride set to Authconfig or ALL in your httpd.conf file. Also, the filename is set in AccessFileName - .htaccess is the conventional filename, but this can be changed.
I suspect one or both of these is your problem. But in either case, it doesn't seem to be a mod_auth_mysql problem, so if this doesn't fix it, I'd recommend you follow up on the Apache Users mailing list.
Jerry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I found the problem. Or at least how to fix it. The parent directory had AuthName, AuthUserFile and AuthGroupFile directives for something else... I guess they took precedence. Commenting those out fixed it. Shouldn't I be able to have both active at the same time?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry for the delay in responding; I missed this message when you posted it.
To authenticate a resource, Apache authenticates the current directory *and all parent directories* up to the web root directory. This means if you have a resource such as /a/b/c/d.html, the user must pass authorization for all three directories /a, /a/b and /a/b/c.
I don't think there is any way around this restriction, but you might check with the Apache folks.
We do have AuthMySQLAuthoritative as a configuration parameter, but that only affect authorization for the directory where it's defined - not higher directories.
Jerry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm trying to get mod_auth_mysql working on a FreeBSD 4.10 server running apache 2.0.54.
When the below configuration is entered in httpd.conf and the directory is accessed via the main servers host name, mod_auth_mysql works great. However, when I use the same configuration in a .htaccess under one of our virtual hosts (virtual hosting is done via mod_rewrite), I get the following error in the error log:
user test not found: /hostlist/hostlist.php
If I put an invalid database/table/user name in the configuration, I don't get a mysql error, I just keep getting this same error. This leads me to believe that the mod_auth_mysql module isn't even being used.
AuthName WebAdmin
AuthType Basic
AuthMySQLEnable On
AuthMySQLHost http-auth.my_domain.com
AuthMySQLDB admin
AuthMySQLUserTable auth_table
AuthMySQLUser auth
AuthMySQLPassword ********
AuthMySQLUserCondition "active=1 and access_set=1"
require valid-user
Any ideas?
Hi, nwood,
The only thing I can think of is that your HTTPD isn't set up to handle .htaccess files.
To recognize authorization overrides in the .htaccess file, you need to have AllowOverride set to Authconfig or ALL in your httpd.conf file. Also, the filename is set in AccessFileName - .htaccess is the conventional filename, but this can be changed.
I suspect one or both of these is your problem. But in either case, it doesn't seem to be a mod_auth_mysql problem, so if this doesn't fix it, I'd recommend you follow up on the Apache Users mailing list.
Jerry
I found the problem. Or at least how to fix it. The parent directory had AuthName, AuthUserFile and AuthGroupFile directives for something else... I guess they took precedence. Commenting those out fixed it. Shouldn't I be able to have both active at the same time?
nwood,
Sorry for the delay in responding; I missed this message when you posted it.
To authenticate a resource, Apache authenticates the current directory *and all parent directories* up to the web root directory. This means if you have a resource such as /a/b/c/d.html, the user must pass authorization for all three directories /a, /a/b and /a/b/c.
I don't think there is any way around this restriction, but you might check with the Apache folks.
We do have AuthMySQLAuthoritative as a configuration parameter, but that only affect authorization for the directory where it's defined - not higher directories.
Jerry