Apache Access control policy

[kadoudal]

I created vhost with access control on a directory, but it seems that no control at all are performed.... (existing users and passwords in the AuthUserFile....) when reaching the URL http://www.mydomain.net/mysuburi

here is my /var/www/vhosts/mydomain.net/conf/vhost.conf

<Directory /var/rails/mydomain/dev/mysuburi/current/public >
AuthType Basic
AuthName "mydomainRepository"
AuthUserFile /etc/apache2/dav_mydomain.passwd
Require valid-user
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order deny,allow
Deny from all
Allow from all
</Directory>

which is strange, is that this AuthUserFile is used also to control the access to a subdomain (svn) and this time the control is performed when reaching the url "http://svn.mydomain.net/myproject"

/var/www/vhosts/mydomain.net/subdomains/svn/conf/vhost.conf

<Location /myproject >
DAV svn
SVNPath /var/svn/opticoaching/myproject
AuthzSVNAccessFile /etc/apache2/opticoaching_svn_access.rules
Require valid-user
AuthType Basic
AuthName "mydomainRepository"
AuthUserFile /etc/apache2/dav_mydomain.passwd
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>

Am I missing anything important ? (I guess so, but what ? and where ?)

thanks for your help

 

[igors]

Hi,

Make sure that /etc/apache2/dav_mydomain.passwd is readable to user/group httpd is running under (usually it is apache/apache).

Also try running
/usr/local/psa/admin/bin/websrvmng -v -a

to rebuild apache configs. Perhaps /var/www/vhosts/mydomain.net/conf/vhost.conf was simply not included - it should be included after websrvmng execution

If it does not help then try checking apache error log when accessing domain page:
/var/www/vhosts/mydomain.net/statisits/logs/error_log

Maybe this will give more clues.