Well, I tested and (under 7.2) it seems to work for me.
fas270> options httpd. httpd.access legacy httpd.admin.access legacy httpd.admin.enable on httpd.admin.hostsequiv.enable off httpd.admin.max_connections 1023 httpd.admin.ssl.enable off httpd.autoindex.enable off httpd.enable on httpd.log.format common httpd.method.trace.enable off httpd.rootdir /vol/http httpd.timeout 300 httpd.timewait.enable off pw650s10# cat httpd.access <Directory /vol/http> AuthName My private stuff <Limit GET> require user dole </Limit> </Directory> pw650s10# cat httpd.passwd dole:tA2Clw/gBxSog
Example was directly from httpd.access manual page.
Are you sure access is not cached somewhere in between? Also http needs some time to catch up with changes.
Andrey Borzenkov Senior system engineer IT Product Services Fujitsu Siemens Computers Russian Federation
Telephone: +7(495)737-2723 Email: mailto:Andrey.Borzenkov@fujitsu-siemens.com Internet: http://www.fujitsu-siemens.com
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of JacekN Sent: Wednesday, September 20, 2006 1:19 AM To: toasters Subject: Troubleshooting http access
I would like to restrict access to files accessed via http. I am using DOT 7.2. First I configured standard http services - everything is running smoothly. My settings:
httpd.access legacy httpd.admin.access legacy httpd.admin.enable off httpd.admin.hostsequiv.enable off httpd.admin.max_connections 1023 httpd.admin.ssl.enable on httpd.autoindex.enable off httpd.enable on httpd.log.format common httpd.method.trace.enable off httpd.rootdir /vol/docs httpd.timeout 300 httpd.timewait.enable off
/vol/docs is dedicated for http access FlexVol with ntfs access rights filer is configured also for CIFS in workgroup mode). Now I try to limit access to the services - one dedicated user and standard authentication is enough. In accordance to documentation I have
prepared the following files:
/etc/httpd.passwd psuser:_J9..PYJ.MWfkaOhMiFc
/etc/httpd.group psgroup:psuser
/etc/httpd.access <Directory /vol/docs/> AuthName Dokumentacja PS <Limit GET> require user psuser </Limit> </Directory> <Directory /vol/docs/telco> AuthName Dokumentacja PS <Limit GET> require user psuser </Limit> </Directory>
But it does not work: anyone can access the files without any authentication. What am I missing? How can I troubleshoot http access? (httpd.log file does not contain anything helpful).
Best regards,
Jacek
--- avast! Antivirus: Outbound message clean. Virus Database (VPS): 0638-0, 2006-09-19 Tested on: 2006-09-19 23:18:41 avast! - copyright (c) 1988-2006 ALWIL Software. http://www.avast.com