Author |
Message |
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Thu May 04, 2006 4:27 pm (17 years, 11 months ago) |
|
I'm a designer more than a developer so I'd really appreciate some help with this.
It seems a very straightforward problem. I use .htaccess to protect a section of a client's site, successfully, in conjunction with an .htpasswd file which sits outsite the public root. When login fails, I get the usual Apache 401 screen which looks like ****, so I've included an ErrorDocument redirect to my own error page (401.html), and the htaccess looks like this:
AuthUserFile /home/user/.htpasswd
AuthGroupFile /dev/null
AuthName "Students"
AuthType Basic
ErrorDocument 401 http://www.myclient.co.uk/401.html
<Limit GET POST PUT>
require valid-user
</Limit>
It doesn't work. It just goes to the Apache 401 page without redirecting.
Surely login failure redirection to a more attractive page than Apache's effort is common? Help me here - this makes sense to me so I don't understand why it won't work.
Thanks
James |
|
|
|
|
adam
Forum Moderator & Developer
Joined: 26 Jul 2002
Posts: 704
Location: UK
|
Posted:
Fri May 05, 2006 8:01 am (17 years, 11 months ago) |
|
Have you tried "ErrorDocument /401.html" rather than using a full URL? |
________________________________ It's turtles all the way down... |
|
|
|
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Fri May 05, 2006 8:57 am (17 years, 11 months ago) |
|
Hi Adam,
thanks for your reply.
The problem here is that in order to use /401.html I'd have to put the error document in the protected folder. When I do this, login failure brings the login dialogue back up continuously and doesn't render the error page, presumably because accessing the 401.html file requires authentication as well. The cancel button has no effect. Can I keep the error document in the public root and use ErrorDocument 401 /../401.html or something like it? I don't seem to be able to get this to work either.
James |
|
|
|
|
adam
Forum Moderator & Developer
Joined: 26 Jul 2002
Posts: 704
Location: UK
|
Posted:
Fri May 05, 2006 9:01 am (17 years, 11 months ago) |
|
I see. Rather than putting the ErrorDocument line in the .htaccess file in the protected directory, you could put it in a .htaccess file in the parent directory. |
________________________________ It's turtles all the way down... |
|
|
|
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Fri May 05, 2006 9:13 am (17 years, 11 months ago) |
|
As I understand it, the .htaccess file that's in the protected (students) folder takes precedence over the one in the root. Having said that, when I have the errordocument .htaccess file in the root and the password protect .htaccess file in the students folder, it behaves exactly as it does when I try to put the 401.html file in the students folder - it just continually asks for authentication while failing to render the error page in the background.
Have a look: www.bcnh.co.uk/students
Cheers
james |
|
|
|
|
adam
Forum Moderator & Developer
Joined: 26 Jul 2002
Posts: 704
Location: UK
|
Posted:
Fri May 05, 2006 9:36 am (17 years, 11 months ago) |
|
Can you paste the exact contents of the .htaccess file from the root directory? |
________________________________ It's turtles all the way down... |
|
|
|
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Fri May 05, 2006 9:45 am (17 years, 11 months ago) |
|
Here's the code in the root:
ErrorDocument 401 /401.html
ErrorDocument 403 /401.html
ErrorDocument 404 /401.html
ErrorDocument 500 /401.html
and the code in the students folder:
AuthUserFile /home/myid/.htpasswd
AuthGroupFile /dev/null
AuthName "Students"
AuthType Basic
<Limit GET POST PUT>
require valid-user
</Limit> |
|
|
|
|
adam
Forum Moderator & Developer
Joined: 26 Jul 2002
Posts: 704
Location: UK
|
Posted:
Sun May 07, 2006 8:44 pm (17 years, 11 months ago) |
|
That's very strange. I can't see any reason why it should be acting like it is. Unless I'm missing something obvious, all I can think of is that it could be some kind of mis-configuration somewhere in httpd.conf. |
________________________________ It's turtles all the way down... |
|
|
|
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Mon May 08, 2006 11:21 am (17 years, 11 months ago) |
|
Is this a job for the host admin people? |
|
|
|
|
adam
Forum Moderator & Developer
Joined: 26 Jul 2002
Posts: 704
Location: UK
|
Posted:
Mon May 08, 2006 11:24 am (17 years, 10 months ago) |
|
More than likely it is. They're in a much better position to figure out what's going on |
________________________________ It's turtles all the way down... |
|
|
|
Hypergluco
Junior WebHelper
Joined: 04 May 2006
Posts: 6
Location: London
|
Posted:
Mon May 08, 2006 11:35 am (17 years, 10 months ago) |
|
Oh dear. 'We'll have to charge for that'. I'll send them a polite enquiry and let you know what they say.
Cheers
James |
|
|
|
|
|