Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Authentication directive not working with SSL and Vhosts
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
mxc
Guru
Guru


Joined: 05 Mar 2003
Posts: 442
Location: South Africa
PostPosted: Wed May 25, 2005 5:21 am    Post subject: Authentication directive not working with SSL and Vhosts Reply with quote
Hi all,

I have setup apache to do vhosts. I reemerged using the vhosts flag. I am using named virtual hosting but have ssl for the one ip address that I have. i.e. I have a mixed environment.

When I added vhosts to apache I already had some sites using the ssl and basic authenticaiton. To get them working with vhosts I had to move all the directives to these locations to /etc/apache2/modules.d/41_mod_ssl.default-vhost.conf under <virutalhost *:443></virutalhost:>

Leaving them under <virtualhost *:80></virtualhost> caused apache to have some problems.

some examples from 41_mod_ssl....

Quote:
<Location /im>
SSLRequireSSL
AuthName "xxxxxxx"
AuthType Basic
LDAP_StartTLS on
LDAP_Protocol_Version 3
LDAP_Server xx.xx.xx.xx
Base_DN ou=people,dc=xxx,dc=xx,dc=xx
UID_Attr uid
require valid-user
options multiviews
</Location>


These old sites all work fine. When I go to the url I get prompted for a userid and password. When I try to go to the path without https, just using normal http, I get access forbidden messages.

I then added a new site, after apache had been modified to use vhosts, and I cant get ssl or basic authentication to work.
<Location /test>
SSLRequireSSL
AuthName "xxxxxxx"
AuthType Basic
LDAP_StartTLS on
LDAP_Protocol_Version 3
LDAP_Server xx.xx.xx.xx
Base_DN ou=people,dc=xxx,dc=xx,dc=xx
UID_Attr uid
require valid-user
options multiviews
</Location>

If I go to www.myweb.co.co it allows me to access the site without going through ssl and it doesnt prompt for userid and password even if I use https! I managed to get it to insist on using ssl by changing the DocumentRoot variable for port 80 virtual site to something other than the default locaiton of my sites. But still I am not prompted for userid and password.

Is there somewhere else you need to go and change when configuring a virtual ip host in apache to ensure that its sites use ssl and basic authentiction directives? Other than the /etc/apache2/modules.d.41_mod_ssl?
_________________
http://www.CyberDesigns.co.za
http://www.Jumpingbean.co.za
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy