3

I am trying to password protect a web directory with apache. I have the site set up like this:

D:/
   webapp/
      lib/
         .htpasswd
   document_root/
      admin/
         index.php
         .htaccess

The .htaccess has: 

AuthName "Authorization Required" 
AuthType Basic 
AuthUserFile D:\webapp\lib\.htpasswd
require valid-user

And the .htpasswd has:

user:passworddigest

When I try to access localhost/index.php in the browser I get a 500 error. The apache error log has this:

["date"] [crit] [client "ip"] configuration error:  couldn't check user.  Check your authn provider!: /admin/

I have googled but I can't figure out what this error means in the context of my server. Anyone know what's up? Also, it would solve my problem if someone had a simple method of using apache for authenticating a web directory on a windows server.

Stefan Lasiewski
  • 24,361
  • 42
  • 136
  • 188
Explosion Pills
  • 221
  • 1
  • 2
  • 10

3 Answers3

0

If it is not a permissions problem like Jim B suggested above (I also suspect that) you might not have loaded the authn module in Apache - mod_authn. I do not know how to do that in Windows but I am pretty sure if you google around you will find out how it's done.

danakim
  • 402
0

I haven't done this on Windows, but try to enable the auth_digest module in your httpd.conf file by uncommenting this line in it, if it's commented out. I know it's disabled by default:

LoadModule auth_digest_module modules/mod_auth_digest.so
pkout
  • 260
  • 3
  • 8
-1

I think you have wrong auth-type (AuthType Basic) in your .htaccess, looking at your .htpasswd it tells me that the password is setup by htdigest & not htpasswd (correct me if I am wrong) and hence the configuration error.

To solve this, try the following .htaccess info & the problem should go away:

AuthName "Authorization Required" 
AuthType Digest
AuthUserFile D:\webapp\lib\.htpasswd
require valid-user

But I would suggest you to use the above method, since the password is transmitted inMD5 Digestin the network whereasAuthType Basic` transfer the password in a clean text.

But, if you insist to have AuthType Basic then, try the following .htaccess:

AuthName "Authorization Required" 
AuthType Basic
AuthUserFile D:\webapp\lib\.htpasswd
require valid-user

& create the htpassword from following link:

http://www.htaccesstools.com/htpasswd-generator/

and update your .htpasswd file.

Rakesh Sankar
  • 272