Basic HTTP auth prompting too many times

Hello,

I have set up HTTP auth using the auth_pam module (although
I’m not sure that module is the problem - it might be nginx problem).

https://github.com/stogh/ngx_http_auth_pam_module/

All works great for a while----

After some time, browsers begin to prompt for authentication over
and over again (I guess once for every image, stylesheet, script, etc?).
Or maybe it is prompting because the credentials failed, but I don’t
think so because if I hit cancel/ESC over and over again, I can use
the web page (I’m still authenticated), but none of the images or
scripts have loaded.

The logs don’t show any indication of what caused the prompts to
start showing. Previously, I saw this error (in nginx’s error log)
associated with the situation:

Can’t initialize threads: error 11

This looks a little like a MySQL error (I use pam_mysql behind
auth_pam).I don’t know if there is some bad code in auth_pam
causing this(?). Restarting nginx fixed the prompting in this case.

However, today, the prompting started again and the above error
does NOT appear. I don’t see any errors. Browser doesn’t matter -
tried it on firefox, mobile, whatever.

I will try to test with just the built-in basic auth but that’s not a
long
term solution for me, I need pam/mysql behind the auth (lot of virt
users).

by the way, i changed to nginx basic_auth and when I enter
wrong credentials, it allows me endless tries. i’m was used
to apache gives a 5xx page after three bad tries. i guess you
could refresh that and try again in apache too, but endless
tries without a error for nginx? is there a way to change this?

I have set up HTTP auth using the auth_pam module (although

Sorry I guess I meant 401 instead of 5xx? Well, same question tho.


by the way, i changed to
nginx basic_auth and when I enter
wrong
credentials, it allows me endless tries. i’m was
used
to apache gives a 5xx page after three
bad tries. i guess you
could refresh that
and try again in apache too, but endless
tries without a error for nginx? is there a
way to change this?

I
have set up HTTP auth using the auth_pam module (although
I’m not sure that module is the
problem - it might be nginx

problem).

https://github.com/stogh/ngx_http_auth_pam_module/

All works great
for a while----

After some time, browsers begin to
prompt for authentication
over
and over again (I guess once for every
image, stylesheet,
script, etc?).
Or maybe it is prompting because the
credentials failed, but
I
don’t
think so because if I hit
cancel/ESC over and over again, I
can
use
the web page (I’m still
authenticated), but none of the

images or

scripts have loaded.

The logs
don’t show any indication of what caused the
prompts to
start
showing. Previously, I saw this error (in nginx’s
error log)

associated with the situation:

Can’t initialize threads: error
11

This looks
a little like a MySQL error (I use pam_mysql
behind

auth_pam).I don’t know if there is some bad code in

auth_pam
causing
this(?). Restarting nginx fixed the prompting in
this case.

However, today, the prompting started
again and the above
error
does NOT appear. I don’t see any
errors. Browser doesn’t
matter

tried it on firefox, mobile,
whatever.

I
will try to test with just the built-in basic auth but
that’s not a long
term solution for me, I need pam/mysql
behind the auth (lot
of virt
users).

scripts have loaded.
Oh, I think this is caused by misunderstnad how locations
working. I had:

location ~* .php$ {…PHP settings…}
location /admin {…HTTP AUTH settings…}

After reading about locations now I understand that ONLY ONE gets used.
Which means PHP was working fine but HTTP AUTH was only protecting
the non-PHP files in /admin! Am I correct?

So problem in this case is caused by when browser forgets auth
credentials
but PHP files not protected so it displayed the cached PHP file OK but
all
the images and script files cause prompt for auth. Many prompts over and
over.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs