Regards.
> Am Sat, 16 Sep 2017 08:35:59 -0400
> schrieb "techay@protonmail.com" <techay@protonmail.com>:
>
>> You are a legend. Got it working with that!
>>
>> Thank you so much, saved me a bigger headache!
>>
>> p.s. Still, looking at the man page that really is not obvious where
>> it mentions [realm] and [htpasswd].
>
> Whats wrong with the manpage?
>
> [no] authenticate [realm] with htpasswd
> Authenticate a remote user for realm by checking the
> credentials against the user authentication file htpasswd.
> The file name is relative to the chroot and must be
> readable by the www user. Use the no authenticate directive
> to disable authentication in a location.
> Authenticate a remote user for realm by checking the
> credentials against the user authentication file htpasswd.
> The file name is relative to the chroot and must be readable
> by the www user. Use the no authenticate directive to disable
> authentication in a location.
>
>> I read it totally differently, that the htpasswd is a location to a
>> file and not just a declaration to look for a file in the current dir
>> named htpasswd etc.
>
> The htpasswd IS a file:
> location "/*" { authenticate with "/htpasswd" }
>
> In this example the passwordfile is named "htpasswd" and is in /var/www
> (Note that httpd(8) is chrooted by default)
>
>> I wonder where did "Secure Area" came from too,
>> "realm" is mentioned but I had not a clue what it even was. I still
>> don"t.
>
> From RFC 1945 (HTTP/1.0) and RFC 2617 (HTTP Authentication referenced
> by HTTP/1.1):
> The realm attribute (case-insensitive) is required for all
> authentication schemes which issue a challenge. The realm value
> (case-sensitive), in combination with the canonical root URL of the
> server being accessed, defines the protection space. These realms allow
> the protected resources on a server to be partitioned into a set of
> protection spaces, each with its own authentication scheme and/or
> authorization database. The realm value is a string, generally assigned
> by the origin server, which may have additional semantics specific to
> the authentication scheme.
>
> In short, pages in the same realm should share credentials. If your
> credentials work for a page with the realm "My Realm", it should be
> assumed that the same username and password combination should work for
> another page with the same realm.
>
>> I cannot stand the man page for httpd.conf - so much
>> frustration for me.
>
> If you have concrete questions then ask.
> My experience is that someone on the list will try to help.
> But by now: ... what is your question?
No comments:
Post a Comment