Bug #1193
closedHTTP basic auth throwing 401 on non-slash trailed URL
Description
Greetings,
Using either a symlink (if the content is already present in an existing path, making a symlink in that same path back to its parent directory. ex: "ln -s . foo") or alias.url along with an auth.require section, URLs ending in a slash function properly, but those without get thrown a HTTP 401 error. Removing the auth requirement makes both URLs act consistently, responding with the right content. The order in which mod_alias and mod_auth load has no impact.
Example config snippets:
auth.backend = "plain"
auth.backend.plain.userfile = "/etc/lighttpd/auth"
auth.require = (
"" => (
"method" => "basic",
"realm" => "Authentication Required",
"require" => "valid-user"
)
)
alias.url = ( "/foo" => "/usr/local/www")
Thank you,
David Burley
-- burley
Updated by darix over 17 years ago
a few comments from irc:
1. the auth block is global
2. module load order doesnt matter
Updated by gstrauss over 8 years ago
- Description updated (diff)
- Assignee deleted (
jan) - Missing in 1.5.x set to Yes
FYI: this does not appear to be a problem with lighttpd 1.4.x; I am unable to reproduce the error in lighttpd 1.4.x using the sample config posted above.
Also available in: Atom