| Author |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
 Posted: Thu 24 Feb '11 12:27 Post subject: Bypass (skip) virtual host authentication |
 |
|
Hi All!
I have a little problem with Apache authentication on virtual hosts.
Overview:
We have a Windows Server 2003 and there is an Apache 2 installed on it.
The Apache2 manages our company's (my workplace) subdomains by its virtual hosts.
Two of our subdomains are require authentication, the others not.
The authentication had set by this way:
| Code: | <VirtualHost *:80>
ServerName test.domain.tld
ProxyRequests Off
<Proxy *:80>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8004/
ProxyPassReverse / http://localhost:8004/
<Location />
AuthType Basic
AuthName "Test"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/password"
AuthGroupFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/pwgroup"
require group Users
Order allow,deny
Allow from all
</Location>
ErrorLog ...
CustomLog ...
etc.
</VirtualHost>
|
We recently bought a new HDD and it was inserted into the server to store media files (mainly MP4).
These files should be played across the company's website. (e.g. with FlowPlayer)
I configured the HTML video player to play the streams, files from our internal website, but unfortunately an Apache authentication pop-up window appears when I click to play button!
Currently, our media subdomain virtual host's setting looks like:
| Code: | <VirtualHost *:80>
ServerName media.domain.tld
DocumentRoot "G:/"
<Directory "G:/">
AuthType None
Require all granted
Satisfy Any
Order allow,deny
Allow from all
</Directory>
ErrorLog ...
CustomLog ...
LogLevel ...
</VirtualHost>
|
On the "G:\" drive there are only an index.html file and some folders (which contain the videos).
My questions are: 
- Is this media subdomain configuration is correct?
- What should I modify if I have to?
- How can I resolve this issue? How to bypass the authentication, to play videos immediately and seamlessly???
Thanks in advance!
Peter |
|
| Back to top |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
| Posted: Fri 25 Feb '11 10:42 Post subject: Problem solved |
|
|
The problem is - probably - solved.
The solution:
| Code: |
<VirtualHost *:80>
ServerName media.domain.tld
DocumentRoot "G:/"
<Directory "G:/">
#AuthType None
#Require all granted
Order deny, allow
Allow from all
Satisfy Any
</Directory>
ErrorLog ...
CustomLog ...
LogLevel ...
</VirtualHost>
|
But any other idea is welcome...  |
|
| Back to top |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
| Posted: Mon 07 Mar '11 15:12 Post subject: Problem is still alive... |
|
|
Unfortunately, the problem is still exists! 
Does anybody have any idea to figure out how can I solve this issue? |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7407
Location: EU, Germany, Next to Hamburg
|
| Posted: Mon 07 Mar '11 15:38 Post subject: |
|
|
Are you using apache 2.3 or why do you use Require all granted?
For apache 2.3
| Code: |
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
|
For apache 2.2
| Code: |
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
|
|
|
| Back to top |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
| Posted: Tue 08 Mar '11 8:45 Post subject: |
|
|
Dear "James"!
Thanks for your reply!
We're using Apache2.2.
The "Require all granted" is commented out previously!
I tried out, you wrote but unfortunately there is no change with this problem.
Should I reinstall Apache???
Thanks! |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7407
Location: EU, Germany, Next to Hamburg
|
| Posted: Tue 08 Mar '11 10:22 Post subject: |
|
|
There is no need to reinstall it.
What is in the error log and access log?
example config
| Code: |
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot C:/www/
<Directory C:/www/>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog C:/apache2/logs/error.log
ProxyPass / http://localhost:8004/
ProxyPassReverse / http://localhost:8004/
<Location />
AuthType Basic
AuthName "Test"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/password"
AuthGroupFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/pwgroup"
require group Users
Order allow,deny
Allow from all
</Location>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog C:/apache2/logs/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName media.example.com
DocumentRoot G:/
<Directory G:/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog C:/apache2/logs/media_error.log
LogLevel warn
CustomLog C:/apache2/logs/media_access.log combined
</VirtualHost>
|
|
|
| Back to top |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
| Posted: Tue 08 Mar '11 11:49 Post subject: |
|
|
In the log files there are nothing interesting entry.
Interestingly, I didn't find any record in the logs that would tell me there is a request arrived from outside when I try to play the video... (the login box still pops-up)
Error log:
| Code: |
[Tue Mar 08 10:34:12 2011] [error] [client 127.0.0.1] File does not exist: G:/favicon.ico
|
| Code: |
127.0.0.1 - - [08/Mar/2011:10:34:12 +0100] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7"
127.0.0.1 - - [08/Mar/2011:10:34:15 +0100] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7"
|
...naturally I can't play any video!
The player says: Video not found or access denied! |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7407
Location: EU, Germany, Next to Hamburg
|
| Posted: Tue 08 Mar '11 18:00 Post subject: |
|
|
| Can you download the file with your browser? What is in the logs if you try to open it with your media player? Do the file names contain special characters like white space or other stuff? |
|
| Back to top |
|
ITCodex
Joined: 24 Feb 2011
Posts: 6
Location: Hungary
|
| Posted: Wed 09 Mar '11 11:18 Post subject: |
|
|
Hi!
Yes, I can download the file (without authentication) in the browser by entering the full path. The file names contains no whitespace, but includes "-" hyphens and "_" underscores...
This is when I download directly from browser:
xxx.xxx.xxx.xxx - - [09/Mar/2011:09:51:02 +0100] "GET /Video/2011-01-13_Meetup/part1.mp4 HTTP/1.1" 200 1678016512 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Ubuntu/10.04 (lucid) Firefox/3.6.15"
...but I can tell you repeatedly that there is no any record when the video player tries to access the file. |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7407
Location: EU, Germany, Next to Hamburg
|
| Posted: Fri 11 Mar '11 5:25 Post subject: |
|
|
| Did you try different video players? Cause if you can download the file via browser it is not an apache problem. |
|
| Back to top |
|
