[ale] Problems with "browsing" apache protected folders

Armsby John-G16665 John.Armsby at motorola.com
Wed Mar 31 09:38:55 EST 2004 

All,

I have been struggling with RedHat 9, Apache2, and password protected folders under the document root.  

The good:  I can password selected directories/folders via the Directory directive in httpd.conf.  I can type in the appropriate URL and a password popup appears.

The bad:  With apache 1.3.x I could select the appropriate URL pointing to a folder  under the document root system and "browse" down the directory system until I selected the password protected folder.  Double clicking on the password protected folder resulted in a password popup.  With apache 2 I can still browse but I CAN NO LONGER "SEE" THE PROTECTED FOLDER.  IT IS INVISIBLE!   If I remove/comment the Directory directive, I can now "see" the now unprotected folder.

I am stumped.  A complication is that I am running (successfully) a virtual server.  Virtual 1 is on port 80.  Virtual 2 is port 727.  Apache specified I had to create two virtual servers, no one for the 727 port.

Below is my httpd.conf.  I have cross posted to the apache configuration group.

Any help would be appreciated.

John




>
> ServerTokens OS
>
> ServerRoot "/etc/httpd"
>
>
> PidFile run/httpd.pid
>
> Timeout 300
>
> KeepAlive Off
>
> MaxKeepAliveRequests 100
>
> KeepAliveTimeout 15
>
>
> <IfModule prefork.c>
> StartServers       8
> MinSpareServers    5
> MaxSpareServers   20
> MaxClients       150
> MaxRequestsPerChild  1000
> </IfModule>
>
> <IfModule worker.c>
> StartServers         2
> MaxClients         150
> MinSpareThreads     25
> MaxSpareThreads     75
> ThreadsPerChild     25
> MaxRequestsPerChild  0
> </IfModule>
>
> <IfModule perchild.c>
> NumServers           5
> StartThreads         5
> MinSpareThreads      5
> MaxSpareThreads     10
> MaxThreadsPerChild  20
> MaxRequestsPerChild  0
> </IfModule>
>
> Listen 80
> Listen 727
>
> Include conf.d/*.conf
>
> LoadModule access_module modules/mod_access.so
> LoadModule auth_module modules/mod_auth.so
> LoadModule auth_anon_module modules/mod_auth_anon.so
> LoadModule auth_dbm_module modules/mod_auth_dbm.so
> LoadModule auth_digest_module modules/mod_auth_digest.so
> LoadModule include_module modules/mod_include.so
> LoadModule log_config_module modules/mod_log_config.so
> LoadModule env_module modules/mod_env.so
> LoadModule mime_magic_module modules/mod_mime_magic.so
> LoadModule cern_meta_module modules/mod_cern_meta.so
> LoadModule expires_module modules/mod_expires.so
> LoadModule headers_module modules/mod_headers.so
> LoadModule usertrack_module modules/mod_usertrack.so
> LoadModule unique_id_module modules/mod_unique_id.so
> LoadModule setenvif_module modules/mod_setenvif.so
> LoadModule mime_module modules/mod_mime.so
> LoadModule dav_module modules/mod_dav.so
> LoadModule status_module modules/mod_status.so
> LoadModule autoindex_module modules/mod_autoindex.so
> LoadModule asis_module modules/mod_asis.so
> LoadModule info_module modules/mod_info.so
> LoadModule dav_fs_module modules/mod_dav_fs.so
> LoadModule vhost_alias_module modules/mod_vhost_alias.so
> LoadModule negotiation_module modules/mod_negotiation.so
> LoadModule dir_module modules/mod_dir.so
> LoadModule imap_module modules/mod_imap.so
> LoadModule actions_module modules/mod_actions.so
> LoadModule speling_module modules/mod_speling.so
> LoadModule userdir_module modules/mod_userdir.so
> LoadModule alias_module modules/mod_alias.so
> LoadModule rewrite_module modules/mod_rewrite.so
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
> LoadModule proxy_http_module modules/mod_proxy_http.so
> LoadModule proxy_connect_module modules/mod_proxy_connect.so
>
> <IfModule prefork.c>
> LoadModule cgi_module modules/mod_cgi.so
> </IfModule>
>
> <IfModule worker.c>
> LoadModule cgid_module modules/mod_cgid.so
> </IfModule>
>
>
>
> User apache
> Group dc
>
> ServerAdmin john.armsby at motorola.com
>
> ServerName xena2
> UseCanonicalName Off
>
> DocumentRoot "/var/www/html"
>
> <Directory />
>     Options FollowSymLinks
>     AllowOverride None
> </Directory>
>
>
> <Directory "/var/www/html">
>
>     Options Indexes FollowSymLinks
>
>     AllowOverride None
>
>     Order allow,deny
>     Allow from all
>
> </Directory>
>
>
>
>
>
>
>
>
>
>
> <LocationMatch "^/$>
>     Options -Indexes
>     ErrorDocument 403 /error/noindex.html
> </LocationMatch>
>
> <IfModule mod_userdir.c>
>     UserDir disable
>
>
> </IfModule>
>
>
> DirectoryIndex index.html index.html.var
>
> AccessFileName .htaccess
>
> <Files ~ "^\.ht">
>     Order allow,deny
>     Deny from all
> </Files>
>
> TypesConfig /etc/mime.types
>
> DefaultType text/plain
>
> <IfModule mod_mime_magic.c>
>     MIMEMagicFile conf/magic
> </IfModule>
>
> HostnameLookups Off
>
> ErrorLog logs/error_log
>
> LogLevel warn
>
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> LogFormat "%{Referer}i -> %U" referer
> LogFormat "%{User-agent}i" agent
>
> CustomLog logs/access_log combined
>
>
>
> ServerSignature On
>
> Alias /icons/ "/var/www/icons/"
>
> <Directory "/var/www/icons">
>     Options Indexes MultiViews
>     AllowOverride None
>     Order allow,deny
>     Allow from all
> </Directory>
>
> Alias /manual "/var/www/manual"
>
> <Directory "/var/www/manual">
>     Options Indexes FollowSymLinks MultiViews
>     AllowOverride None
>     Order allow,deny
>     Allow from all
> </Directory>
>
> <IfModule mod_dav_fs.c>
>     DAVLockDB /var/lib/dav/lockdb
> </IfModule>
>
> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>
> <IfModule mod_cgid.c>
> Scriptsock            run/httpd.cgid
> </IfModule>
>
> <Directory "/var/www/cgi-bin">
>     AllowOverride None
>     Options None
>     Order allow,deny
>     Allow from all
> </Directory>
>
>
>
> IndexOptions FancyIndexing VersionSort NameWidth=*
>
> AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>
> AddIconByType (TXT,/icons/text.gif) text/*
> AddIconByType (IMG,/icons/image2.gif) image/*
> AddIconByType (SND,/icons/sound2.gif) audio/*
> AddIconByType (VID,/icons/movie.gif) video/*
>
> AddIcon /icons/binary.gif .bin .exe
> AddIcon /icons/binhex.gif .hqx
> AddIcon /icons/tar.gif .tar
> AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
> AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> AddIcon /icons/a.gif .ps .ai .eps
> AddIcon /icons/layout.gif .html .shtml .htm .pdf
> AddIcon /icons/text.gif .txt
> AddIcon /icons/c.gif .c
> AddIcon /icons/p.gif .pl .py
> AddIcon /icons/f.gif .for
> AddIcon /icons/dvi.gif .dvi
> AddIcon /icons/uuencoded.gif .uu
> AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
> AddIcon /icons/tex.gif .tex
> AddIcon /icons/bomb.gif core
>
> AddIcon /icons/back.gif ..
> AddIcon /icons/hand.right.gif README
> AddIcon /icons/folder.gif ^^DIRECTORY^^
> AddIcon /icons/blank.gif ^^BLANKICON^^
>
> DefaultIcon /icons/unknown.gif
>
>
> ReadmeName README.html
> HeaderName HEADER.html
>
>
> AddEncoding x-compress Z
> AddEncoding x-gzip gz tgz
>
> AddLanguage da .dk
> AddLanguage nl .nl
> AddLanguage en .en
> AddLanguage et .et
> AddLanguage fr .fr
> AddLanguage de .de
> AddLanguage he .he
> AddLanguage el .el
> AddLanguage it .it
> AddLanguage ja .ja
> AddLanguage pl .po
> AddLanguage kr .kr
> AddLanguage pt .pt
> AddLanguage nn .nn
> AddLanguage no .no
> AddLanguage pt-br .pt-br
> AddLanguage ltz .ltz
> AddLanguage ca .ca
> AddLanguage es .es
> AddLanguage sv .se
> AddLanguage cz .cz
> AddLanguage ru .ru
> AddLanguage tw .tw
> AddLanguage zh-tw .tw
> AddLanguage hr .hr
>
> LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ltz ca es sv
tw
>
> ForceLanguagePriority Prefer Fallback
>
> AddDefaultCharset ISO-8859-1
>
> AddCharset ISO-8859-1  .iso8859-1  .latin1
> AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
> AddCharset ISO-8859-3  .iso8859-3  .latin3
> AddCharset ISO-8859-4  .iso8859-4  .latin4
> AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
> AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
> AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
> AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
> AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
> AddCharset ISO-2022-JP .iso2022-jp .jis
> AddCharset ISO-2022-KR .iso2022-kr .kis
> AddCharset ISO-2022-CN .iso2022-cn .cis
> AddCharset Big5        .Big5       .big5
> AddCharset WINDOWS-1251 .cp-1251   .win-1251
> AddCharset CP866       .cp866
> AddCharset KOI8-r      .koi8-r .koi8-ru
> AddCharset KOI8-ru     .koi8-uk .ua
> AddCharset ISO-10646-UCS-2 .ucs2
> AddCharset ISO-10646-UCS-4 .ucs4
> AddCharset UTF-8       .utf8
>
> AddCharset GB2312      .gb2312 .gb
> AddCharset utf-7       .utf7
> AddCharset utf-8       .utf8
> AddCharset big5        .big5 .b5
> AddCharset EUC-TW      .euc-tw
> AddCharset EUC-JP      .euc-jp
> AddCharset EUC-KR      .euc-kr
> AddCharset shift_jis   .sjis
>
> AddType application/x-tar .tgz
>
>
>
> AddHandler imap-file map
>
> AddHandler type-map var
>
> AddOutputFilter INCLUDES .shtml
>
>
>
>
> Alias /error/ "/var/www/error/"
>
> <IfModule mod_negotiation.c>
> <IfModule mod_include.c>
>     <Directory "/var/www/error">
>         AllowOverride None
>         Options IncludesNoExec
>         AddOutputFilter Includes html
>         AddHandler type-map var
>         Order allow,deny
>         Allow from all
>         LanguagePriority en es de fr
>         ForceLanguagePriority Prefer Fallback
>     </Directory>
>
>     ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
>     ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
>     ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
>     ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
>     ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
>     ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
>     ErrorDocument 410 /error/HTTP_GONE.html.var
>     ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
>     ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
>     ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
>     ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
>     ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>     ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>     ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
>     ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
>     ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>     ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
>
> </IfModule>
> </IfModule>
>
> BrowserMatch "Mozilla/2" nokeepalive
> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
> BrowserMatch "RealPlayer 4\.0" force-response-1.0
> BrowserMatch "Java/1\.0" force-response-1.0
> BrowserMatch "JDK/1\.0" force-response-1.0
>
> BrowserMatch "Microsoft Data Access Internet Publishing Provider"
redirect-carefully
> BrowserMatch "^WebDrive" redirect-carefully
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Options Indexes
> AuthType Basic
> AuthName Security
> AuthUserFile /etc/httpd/pass/passwd
>  <Limit GET>
> Require user Security
>  </Limit>
> </Directory>
>
>
>
>
>
>
>
>
>
>
> NameVirtualHost 155.102.104.1:80
> NameVirtualHost 155.102.104.1:727
>
>
> <VirtualHost 155.102.104.1:80>
> ServerName xena2
> DocumentRoot /var/www/html
> </VirtualHost>
>
>
> <VirtualHost 155.102.104.1:727>
> ServerName xena2
> DocumentRoot /var/www/html2
> </VirtualHost>
>
>

More information about the Ale mailing list