Dev. Mode & Basic HTTP Authentication

Hi,

Hopefully someone can help me with this little problem.

I have set up a dev. domain to point at my regular mongrel cluster
(used for the regular domain), but when adding basic authentication
to limit the access using a simple name/pass - it isn’t getting
picked up by apache2.

I have pointed the document root and directory of the virtual server
elsewhere, and it picks up the authentication straight away.

I’m guessing that the rewrite rule to push the requests over to the
mongrel_cluster are taking precedence

I’m scratching my head on this, can anyone help? - it’s in the howto,
so hopefully it’s something basic I’m not getting.

Cheers,

Dominic

I have set up a dev. domain to point at my regular mongrel cluster
(used for the regular domain), but when adding basic authentication
to limit the access using a simple name/pass - it isn’t getting
picked up by apache2.

I have pointed the document root and directory of the virtual server
elsewhere, and it picks up the authentication straight away.

I’m guessing that the rewrite rule to push the requests over to the
mongrel_cluster are taking precedence

This is a little late…but…

Did you try using the location directive to restrict access?

<Location /intranet>
AuthType Basic
AuthName “Intranet”
AuthUserFile /etc/httpd/conf/http.users
AuthGroupFile /etc/httpd/conf/http.group
Require group my_grp

This works for me with apache 2.0.x and mod_proxy.

HTH,
-Ryan Casey

Ryan’s method should work, but make sure that comes above your proxy
rule. Apache is sensitive to the orders of certain things.

Sean

Thanks for the reply - I didn’t - I was just using the directory
directive … I guess location has a higher priority as it gets
picked up whereas directory doen’t.

I have pretty much left it closed for now as it hasn’t been necessary
to add. Although it would be a nice to allow the previewing of draft
pages - whilst restricting access…

Please forgive my ignorance, but I don’t understand how restricting
access to dev.site/path helps though, as people can still see
dev.site/ - which is what I am trying to restrict…

Are you redirecting everything to be accessed via /path and then
restricting that? If so how are you doing that just for the dev. site?

Thanks for your help - both of you.

Hmm, I’m not sure what you mean - I have two virtual hosts at the
moment, one setup with www.site and one with dev.site - both
redirecting to the mongrel_cluster…

I’m going to be hosting many sites on this box so adding a location
directive of / won’t work as it will restrict access to everything,
and the directory directive doesn’t seem to get picked up before the
redirect is implemented from the virtualhost directive. I think the
virtualhost directive has a higher priority than the directory
directive, so gets implemented before the directory directive…

Its not really a problem, as I don’t really need it right now, but it
would be nice to know that it is possible with this type of setup.

Save connecting via different method I’m not sure what else is
possible. Any help would be greatly appreciated.

Cheers

Hmm, I’m not sure what you mean - I have two virtual hosts at the
moment, one setup with www.site and one with dev.site - both
redirecting to the mongrel_cluster…

I think what Sean was suggesting and what might work is inside your
dev.site
virtual host definition, add the directive and have the
access
permissions there.

For your www.site vhost directive, don’t include a Location restriction.

Thanks,
-Ryan Casey

Actually sounds like you need two virtual host. The “dev.mysite.com
would have the added HTTP authentication, not a specific location or
directory. You could still proxy to the same Mongrels inside the
second virtual host.

Sean

Thanks, I double triple checked my apache setup again and it turns
out I was loading the include file with the config twice, once from
inside the virtual host, and also before any virtual hosts were
applied - hence the problem.

A stupid mistake I should have caught first time round… Apologies
for taking up your time -and many thanks for helping me go over and
check my setup properly.

Cheers

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs