I am trying to password protect a web directory with apache. I have the site set up like this:
D:/
webapp/
lib/
.htpasswd
document_root/
admin/
index.php
.htaccess
The .htaccess has:
AuthName "Authorization Required"
AuthType Basic
AuthUserFile D:\webapp\lib\.htpasswd
require valid-user
And the .htpasswd has:
user:passworddigest
When I try to access localhost/index.php in the browser I get a 500 error. The apache error log has this:
["date"] [crit] [client "ip"] configuration error: couldn't check user. Check your authn provider!: /admin/
I have googled but I can't figure out what this error means in the context of my server. Anyone know what's up? Also, it would solve my problem if someone had a simple method of using apache for authenticating a web directory on a windows server.
If it is not a permissions problem like Jim B suggested above (I also suspect that) you might not have loaded the authn module in Apache - mod_authn. I do not know how to do that in Windows but I am pretty sure if you google around you will find out how it's done.
I think you have wrong auth-type (
AuthType Basic) in your .htaccess, looking at your.htpasswdit tells me that the password is setup byhtdigest& nothtpasswd(correct me if I am wrong) and hence the configuration error.To solve this, try the following
.htaccessinfo & the problem should go away:But I would suggest you to use the above method, since the
password is transmitted inMD5 Digestin the network whereasAuthType Basic` transfer the password in a clean text.But, if you insist to have
AuthType Basicthen, try the following.htaccess:& create the htpassword from following link:
and update your
.htpasswdfile.I haven't done this on Windows, but try to enable the auth_digest module in your httpd.conf file by uncommenting this line in it, if it's commented out. I know it's disabled by default: