HTTP authentication does not work

Bug #1341607 reported by Damien
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

After trying multiple suggestions over several days, basic HTTP auth for Apache subdirs still does not work, usually resulting in "No require lines available" in the error log regardless of what I do. Vhost config appears correct.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: apache2 2.4.7-1ubuntu4
Uname: Linux 3.10.23-xxxx-std-ipv6-64 x86_64
Apache2ConfdDirListing: False
ApportVersion: 2.14.1-0ubuntu3.2
Architecture: amd64
Date: Mon Jul 14 10:34:47 2014
InstallationDate: Installed on 2014-04-16 (89 days ago)
InstallationMedia:

ProcEnviron:
 TERM=xterm
 SHELL=/bin/bash
 PATH=(custom, no user)
 LANG=en_GB.UTF-8
 XDG_RUNTIME_DIR=<set>
SourcePackage: apache2
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.apache2.apache2.conf: [modified]
modified.conffile..etc.apache2.conf.available.security.conf: [modified]
modified.conffile..etc.apache2.sites.available.000.default.conf: [modified]
modified.conffile..etc.apache2.sites.available.default.ssl.conf: [modified]
mtime.conffile..etc.apache2.apache2.conf: 2014-07-14T10:25:05.510444
mtime.conffile..etc.apache2.conf.available.security.conf: 2014-07-07T17:05:25.329780
mtime.conffile..etc.apache2.sites.available.000.default.conf: 2014-07-11T13:31:30.026502
mtime.conffile..etc.apache2.sites.available.default.ssl.conf: 2014-07-07T17:06:21.225780

Revision history for this message
Damien (online-i) wrote :
Revision history for this message
Seth Arnold (seth-arnold) wrote : Bug is not a security issue

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

information type: Private Security → Public
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Note that "Allow" and "Deny" have been deprecated in Apache 2.4 for a simpler authentication and authorization framework: http://httpd.apache.org/docs/current/howto/access.html

Thanks

jose gomez (jbecerra446)
description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

According to Seths comment and that nobody else jumped in with the same issue I'd consider setting the bug as incomplete as there are non-deprecated new ways available.

Changed in apache2 (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for apache2 (Ubuntu) because there has been no activity for 60 days.]

Changed in apache2 (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.