Inets httpd and script security

Heinrich Venter heinrich@REDACTED
Mon Nov 14 11:28:32 CET 2005


Hi
 
I have found the solution to my problem below.  There were two things
1) The "AuthDBType plain" directive should have been "AuthDBType plain".
The match in mod_auth is on "AuthDBType "
2) If the auth_type is plain then mod_auth_plain assumes that
AuthGroupFile is defined.  If it is not then inets does not start up
with the following error.  I don't think this is the correct behaviour.

=SUPERVISOR REPORT==== 14-Nov-2005::11:51:20 ===
     Supervisor: {local,httpd_instance_sup_8888}
     Context:    start_error
     Reason:     {'EXIT',{function_clause,
                             [{lists,do_flatten,[undefined,[]]},
                              {lists,do_flatten,2},
                              {mod_auth_plain,load_group,1},
                              {mod_auth_plain,store_directory_data,2},
                              {mod_auth,store,2},
                              {httpd_conf,store_traverse,3},
                              {httpd_conf,store,4},
                              {httpd_manager,do_initial_store,1}]}}

So to get authentication on a script, the following config works

...
ErlScriptAlias /handler config
...
<Directory /handler/config>
AuthDBType plain
AuthUserFile /dir/to/passwd
AuthGroupFile /dir/to/group
AuthName Configuration
allow from all
require user administrator
require group admin
</Directory>

-]-[einrich




More information about the erlang-questions mailing list