Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Strange basic authentication issue - limited visibility to some users.

Status
Not open for further replies.

BlZ

Technical User
Mar 14, 2002
12
US
Apache/2.0.40 - RedHat 8

a symbolically linked directory /var/ to /usr/appz

.htaccess file in /usr/appz is:
Options +Indexes
AuthType Basic
AuthName "email me@me.com for username/password"
AuthUserFile /usr/local/passwd
Require user user1 user2


in /usr/appz i have 4 folders:
drwxr-xr-x 2 root root 4096 Apr 12 23:53 Audio
drwxr-xr-x 3 root root 4096 Apr 23 00:48 W-Appz
drwxr-xr-x 6 root root 4096 Apr 23 01:21 Linux
drwxr-xr-x 1 root root 4096 Apr 23 2003 maxtor

I use htpasswd.

maxtor is a NAS device, mounted via smbfs.
$ mount
//storage/Public on /usr/appz/maxtor type smbfs (0)

After authenticating:
user1 can see all 4 directories
user2 cannot see maxtor, but can see the other 3.

Why is this happening??

I've created other users - same thing, cannot see 'maxtor'
I've created corresponding linux user accounts - no good

After users logs in - this is what they see on the web page:

user1:
Parent Directory -
Audio/ 12-Apr-2003 23:53 -
Linux/ 23-Apr-2003 01:21 -
W-Appz/ 23-Apr-2003 00:48 -
maxtor/ 23-Apr-2003 02:08 -

user2:
Parent Directory -
Audio/ 12-Apr-2003 23:53 -
Linux/ 23-Apr-2003 01:21 -
W-Appz/ 23-Apr-2003 00:48 -

I've even created another generic folder, which all users can see.
I then made a subdirectory of that folder, the smbfs mount (maxtor in the previous case), and the folder appears empty to most users!
 
Well, it's fixed. I didn't know we had an apache guru in my office.
Come to find out, I had placed another .htaccess file w/in that 'maxtor' directory - which only included 'user1.'
With that, the system knew that the other users didn't have access to see what's in the directory - so why show them the option in the first place!!??

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top