Questions tagged [http-authentication]

70 questions
55
votes
6 answers

How to configure basic authentication in Apache httpd virtual hosts?

I'm trying to configure mercurial access using Apache http. It requires authentication. My /etc/apache2/sites-enabled/mercurial looks like this: NameVirtualHost *:8080 UseCanonicalName Off ServerAdmin …
Jader Dias
  • 4,625
  • 18
  • 48
  • 50
27
votes
3 answers

Possible to add basic HTTP access authentication via HAProxy?

I've successfully setup HAProxy in front of an HTTP server which I have no control over. Is it possible to configure HAProxy to add Simple HTTP Authentication to all sites, bearing in mind I can't configure this on the backend? Thanks, Lars
Lars Schneider
  • 373
  • 1
  • 3
  • 5
22
votes
2 answers

Troubleshooting Windows Authentication problems (no challenge) in IIS 7.5?

I know that there are thousands of reports of people having trouble getting Integrated Windows Authentication to work with IIS, but they all seem to lead to web pages that don't apply or solutions that I've already tried. I've deployed dozens of…
Aaronaught
  • 492
  • 2
  • 4
  • 13
9
votes
6 answers

Apache - Redirect to https before AUTH

I have a development site up that requires a username and password (basic http auth) before the user can see the site. I'd like to redirect to a secure protocol first, before the user can send in the password in clear text. Any thoughts on how to…
Jay
  • 193
  • 1
  • 5
7
votes
3 answers

Using Mod_rewrite and Authentication on ALL incoming URLs

I have a need to make sure that my url, call it www.domain.com is always protected at least via Basic HTTP authentication. Also, I want to use mod_rewrite to send my users to one of two OC4j instances running on my server. I also want to protect my…
El Guapo
  • 171
  • 1
  • 3
7
votes
3 answers

What's the easiest way to create an HTTP proxy which adds basic authentication to requests?

I am trying to use a service provided by a server which requires basic HTTP authentication, however the application I am using does not support authentication. What I'd like to do is create a proxy that will enable my auth-less application to…
joshdoe
  • 173
  • 1
  • 1
  • 3
6
votes
2 answers

ngx_http_auth_request_module equivance for HAProxy

Does an equivalent module to nginx's ngx_http_auth_request_module exist for HAProxy or Apache? This module allows support for custom authentication through HTTP. I quote: The ngx_http_auth_request_module module (1.5.4+) implements client…
Klaus
  • 181
  • 1
  • 6
6
votes
2 answers

How to use basic auth for single file in otherwise forbidden Apache directory?

I want to allow access to a single file in a directory that is otherwise forbidden. This did not work: ServerName example.com DocumentRoot /var/www/html Options FollowSymLinks …
mit
  • 1,844
  • 6
  • 29
  • 42
5
votes
3 answers

Single sign on with Apache and LDAP

I have a server running two web applications: Gerrit and Mantis BT. Now, these applications connect to an LDAP server to authenticate users and it works fine. But the user has to authenticate for each application; I would like to allow the user to…
4
votes
1 answer

Are there possible problems with long htaccess passwords or symbols in htaccess passwords?

We have a directory we've protected using an .htaccess password. Both the username and password are long, complex, with various symbols. I can log in from my machines (I've tried IE, Firefox, Chrome) without any difficulty. Some users however,…
Iain
  • 141
  • 1
  • 3
3
votes
0 answers

PKI Authentication in HTTPD using Active Directory (LDAP)

In my environment, an external entity provides a Root CA & Intermediate CA(s). They issue thousands of smartcards with PKI certificates for authentication. They provide the Client Authentication (OID 1.3.6.1.5.5.7.3.2) inside the extended key…
3
votes
0 answers

How to set up authentication server before request reach API server using HAProxy?

I want a set up that would force all requests to be authenticated before reaching the application server. I'm seeing HAProxy support basic HTTP Authentication but I couldn't find any info about making custom authentication. So the scenario would be…
RobGThai
  • 131
  • 6
3
votes
1 answer

How to disable nginx basic_auth for one location but enable it for the rest of the site

I'm trying to get basic_auth disabled for a specific directory (/api/), but still have basic auth for the rest of the site I'm working with. The following is my nginx.conf: server { # base settings listen 80; server_name…
3
votes
1 answer

How do you http-auth all sites on a server?

I'm setting up a development server and need to apply these basic rules to all virtual hosts on the server in the /var/www/html directory. AuthType Basic AuthName "Development Area" AuthUserFile /var/www/.htpasswd Require valid-user I simply tried…
Dunhamzzz
  • 187
  • 6
3
votes
0 answers

How can I disable HTTP Basic Auth on my Apache instance for a specific REQUEST_URI

I have a linux instance hosting a WordPress site and it has Basic HTTP Auth enabled for the entire site. I now want to disable the Basic HTTP Auth for a specific path we can call /auth-free-url-2019. My first thought was to set an ENV variable in…
1
2 3 4 5