Troubleshooting mod_auth_db

Any ideas how to troubleshoot mod_auth_db?

Everything seems to be in order...

httpd.conf says AddModule/LoadModule mod_auth_db.so...
I put .htaccess in the protected directory with all the directives...
I created .htpasswd with dbmmanage and that file exists...

But when I fire up the protected page in my browser the server only says "access forbidden" and won't throw me an authenitication box...

Any help much appreciated.

>> I created .htpasswd with dbmmanage and that file exists

You shouldn't use and fancy db authentication if you can't get the plain text htpasswd to work. If you don't have that many users (100 fewer), don't use db, it's slower.

>> the server only says "access forbidden"

Can you access to that dir when that .htaccess is removed?
If not, you need options Indexes

<Directory "/path/to/docroot/protected_dir">
# or /path/to/docroot
options Indexes
..
..
</Directory>

>> and won't throw me an authenitication box

Right on. Apache is not reading your Auth... lines because you have told Apache not to grant permission for .htaccess to do so. You need AllowOverride AuthConfig or AllowOverride All to enable that. Start here -> http://httpd.apache.org/docs/mod/co...l#allowoverride

>> I created .htpasswd with dbmmanage and that file exists

It doesn't matter whether or not .htpasswd exists, at the very least, you should get authentication prompt. Whether you can authenticated relies on .htpasswd.

If you still have any problems with this, maybe you should start here -> http://www.apacheweek.com/features/userauth or post your .htaccess plus the fake or real URL plus the directory paths or so.

I fiddled with httpd.conf a bit, adding the lines:

<Directory /path/to/file>
AllowOverride AuthConfig
</Directory>

and that seemed to do the trick; I get an authorization box when trying to the access protected page.

However, no username/password combination added via the dbmmanage adduser command seems to work!

Help! Help!

I will have to work on that tomorrow.

Thanks again for the help.

----------------
I can understand anything that's explained well enough.

Check the message .htaccess never matches the password, when password is correct in this Forum and go to http://www.apacheweek.com/features/. I already told you not to use the fancy db authentication stuffs when you can't even get the simple plain text .htpasswd to work. You are just causing yourself some troubles for not listening.

My httpd/error_log reads:

...Can't open db auth file...

so I searched around the web and, well, there could be a bug in the dbmmanage script. I found this bit of code which was offered as a patch:

# Got this from http://www.humanfactor.com/cgi-bin/...9/Mar/0087.html


package dbmmanage;
-# -ldb -lndbm -lgdbm
-BEGIN { @AnyDBM_File::ISA = qw(DB_File NDBM_File GDBM_File) }
+
use strict;
use Fcntl;
-use AnyDBM_File ();
+use Getopt::Std;
+
+# shorthand-to-real-name lookup
+my %formats = ( "db", "DB_File",
+ "ndbm", "NDBM_File",
+ "gdbm", "GDBM_File" );
+
+my %opts;
+getopt 'f:', \%opts;
+if (my $dbm_class = $formats{$opts{'f'}}) {
+ @AnyDBM_File::ISA = ($dbm_class);
+}
+require AnyDBM_File;

my($file,$command,$key,$crypted_pwd) = @ARGV;

@@ -91,7 +102,7 @@
my($mode, $flags) = $command =~
/^(?:view|check)$/ ? (0644, O_RDONLY) : (0644, O_RDWR|O_CREAT);

-tie %DB, "AnyDBM_File", $file, $flags, $mode || die "Can't tie $file: $!";
+tie %DB, "AnyDBM_File", $file, $flags, $mode or die "Can't tie $file: $!";
dbmc->$command();
untie %DB;


...

I put this in my dbmmanage script, and lo, it didn't seem to make any difference. It creates a Berkeley DB file which still cannot be opened!

Regards,

Apache doc doesn't mention this, you can either use mod_auth_db or mod_auth_dbm (not both), compiling both are known to cause problems. Find out which particular one your OS supports. When compiling apache from src, you should explicitly disable either one of those modules.

http://www.apacheweek.com/features/dbmauth says I must edit the Configuration file in the Apache /src directory, then run ./Configure and Make. What is the configuration file called, I can't seem to find it. Thanks.