Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-basic-authentication]

256 questions
2
votes
1 answer

Combine apache auth providers of different types with basic auth only if proactively provided by client

I'd like to be able to have a path on an apache server (2.4.18+ on ub16) that primarily authenticates using SAML (using the mod_auth_mellon plugin) for interactive use, but also supports having the caller pre-emptively send Basic auth credentials.…
Nathan Neulinger
  • 607
  • 1
  • 6
  • 17
2
votes
1 answer

how to correctly configure Httpd basic auth for pass through proxy

I have been asked to set up an basic auth prompt in front of our Jira server. I am using a proxypassthrough on httpd to allow access to jira in the first place. When ever I try to connect I am prompted and upon completing login , I am sent to the…
LUser
  • 217
  • 1
  • 6
  • 15
2
votes
1 answer

HA Proxy: Omit basic auth for specific URIs

Given a userlist such... userlist UsersAuth group admin users foo user foo insecure-password bar And a backend containing this... acl AuthOkay_Web http_auth(UsersAuth) http-request auth realm AuthYourself if !isOptions !AuthOkay_Web How can…
Ian Atkin
  • 203
  • 2
  • 9
2
votes
1 answer

basic authentication with domain accounts on Windows Server 2008

A very weird issue that never encountered with Windows Server 2003: when configuring basic authentication to restrict access to specific directories in IIS7 I've done the following: Enabled basic authentication and disabled anonymous authentication…
Ted
  • 248
  • 2
  • 5
  • 16
2
votes
1 answer

Pass basic authentication credentials in .htaccess rewrite to protected folder

I have two folders, F1 and F2, under my public folder, each with an .htaccess file in them. F1 is protected by basic auth in .htaccess, like this: AuthName "Restricted Area" AuthType Basic AuthUserFile /home/myaccount/.htpasswd AuthGroupFile…
mmiddleton
  • 205
  • 2
  • 5
2
votes
1 answer

How to get nginx to properly proxy (incl. basic auth creds set in the headers) an Apache?

Edit: If you have an idea on how to improve the question or which details are missing from it, please do leave a comment. Expected Outcome: I am trying to deploy nginx as a reverse proxy to let me expose files served by an Apache, without giving out…
Wilhelm Uschtrin
  • 121
  • 1
  • 4
2
votes
1 answer

Limiting the number of basic authentication attempts in Apache

I'm using HTTPS + Basic authentication to protect a resource. How can I throttle authentication attempts to protect against brute force attacks?
Robert Munteanu
  • 1,644
  • 5
  • 23
  • 41
2
votes
1 answer

basic authentication failing with mod-proxy-fcgi and php7.0-fpm

Ubuntu 16.04 LTS running on AWS instance. Apache 2.4.18 / PHP7.0-fpm Problem is with basic-auth. I'm trying to pw-protect /var/www/html/admin//. I find that all non-php files are protected - but .php files seem to go straight to proxy without…
williamk
  • 133
  • 1
  • 10
2
votes
2 answers

Can HAProxy load a userlist from a file?

I can't seem to see anything in the documentation, but this seems like an obvious feature. I want to supply a file containing a list of users for Basic Authentication. I don't want to edit the HAProxy config file every time a new user is added. The…
Joe
  • 529
  • 8
  • 18
2
votes
1 answer

Nginx auth basic not working with rewrite

I need to protect one directory with the basic auth and rewrite all urls inside this directory only. I have the following config: location /admin/ { auth_basic "Secure area"; auth_basic_user_file .htpasswd; …
Ssey
  • 21
  • 1
  • 4
2
votes
1 answer

Is it possible to setup basic authentication for 1 specific domain binding only?

I just want to enable basic auth for 1 domain binding only and leave the rest public accessible. Is this possible with IIS?
Tuan Anh Tran
  • 165
  • 1
  • 13
2
votes
1 answer

Basic Auth User Management

I have 2 questions regarding Apache Basic Auth that i currently am utilising. I have a website that after a certain action, the website will produce a Basic Auth username and password for the user to use to access a service. This is working OK at…
Tom Burman
  • 123
  • 4
2
votes
1 answer

HAProxy basic auth except from specific IP

I have set up basic authentication for my backend, like this: backend webservers acl is_auth_ok http_auth(SiteUsers) http-request auth realm MySite if !is_auth_ok This works but now I want to exclude a certain IP from being challenged with…
Emmet O'Grady
  • 51
  • 1
  • 6
2
votes
0 answers

IIS 8.5 Credentials working for windows authentication but not for basic

I have an IIS 8.5 on a windows server 2012 machine. When I enable the windows authentication (basic authentication is disabled), I can access and see the home page of IIS (http://localhost) with the credentials of a LDAP user in the same domain.…
CrusaderPyro
  • 21
  • 1
2
votes
4 answers

Lock down Wiki access to password only but remain open to a subnet via .htaccess

Basically we have a Wiki that has some sensitive information stored in it - not the best I know but my predecessor set it up. I want to be able to request password access from any one who is not on the local network subnet. Those on the local…
Treffynnon
  • 249
  • 4
  • 12
1 2 3
17 18