Re: About .htaccess

Unfortunately you haven't told us what works.

If $ENV{REMOTE_USER} is never being populated (even when you supply correct user and password), then you must ask why your .htpasswd is not being recognised by Apache. This link appears to have some information about .htaccess files.

If, on the other hand, $ENV{REMOTE_USER} works when you supply correct user name and password, and fails when you supply the wrong user name or password, then the question is about Apache's error handling in the case of a failed authorisation attempt.

I do not know for sure, but it may be the case that Apache requires a separate file to display for handling error conditions (such as invalid username/password) so that your script does not receive the error response. In this case you may with to configure Apache with a specific error document using the syntax found at this website.

Comment on Re: About .htaccess Select or Download Code

Replies are listed 'Best First'.
Re^2: About .htaccess by Nik (Initiate) on Jun 14, 2005 at 10:25 UTC
Actually i decided not to use an .htaccess file at all but instead i edited httpd.conf and put 2 directives in it: `<Directory D:/www/data/private> AuthType Basic AuthName "Private Area!" AuthUserFile D:/www/passwd.txt Require user Nikos </Directory>` [download] `<Location D:/www/cgi-bin/make.pl> AuthType Basic AuthName "Administrator Only!" AuthUserFile D:/www/passwd.txt Require user Nikos </Location>` [download] So now iam protecting both the make.pl script and both my private folder! :-) Iam still thibking though if i need this code: `print header(-status=>'401 Unauthorized', 'WWW-Authenticate'=>'Basic r +ealm="Restricted Games"') unless $ENV{REMOTE_USER}; exit unless $ENV{REMOTE_USER}; #Restricted code - this code will not run unless user is authenticated +. Test $ENV{REMOTE_USER} for user-level control print header(), "Authenticated User: $ENV{REMOTE_USER}\n";` [download] Any ideas?!?	[reply] [d/l] [select]
Re^3: About .htaccess by Nik (Initiate) on Jun 14, 2005 at 12:48 UTC
And also does anybody knows whats changes must i do to transform the above 2 directives to Digest mode? I heard Digest mode has greater security that basic on which the password travels clear through the net. In Digest mode will it travel encrypted as well?	[reply]