Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-basic-authentication]

256 questions
1
vote
1 answer

How can I add basic auth to an apache proxy while using CORS headers?

Background I use grafana for displaying graphs of our server-metrics. Grafana is a JS-app which in our case is getting the data from graphite and storing search-queries in elasticsearch. All three services have their own vhost, although being on the…
kronn
  • 182
  • 1
  • 17
1
vote
2 answers

Persist basic authentication across protocols

I maintain a website that uses basic authentication to prevent outside users from viewing it (It's a staging/test environment open to the internet). The website is available over unsecured (HTTP) connections with some pages (like the log…
Kyle Trauberman
  • 143
  • 5
1
vote
1 answer

Is basic authentication secure when it goes though my reverse proxy on SSL?

Hoping someone can let me know if im on the right track. I use IIS on my file server within my network. I have an apache2 server which takes all HTTP and HTTPS requests and by way of reverse proxy sends them to the correct server. Within the network…
allabouteve
  • 13
  • 3
1
vote
1 answer

nginx reverse proxy with basic_auth - 404 Not found

I have an nginx server block to proxy_pass content from three servers: gitlab, Rshiny and static content from another nginx server block. All this works fine, until I try to add password protection to one of the directories in my static content…
Thomas
  • 11
  • 1
  • 3
1
vote
1 answer

Basic username-password authentication on gitorious

I recently set up my own server that is supposed to host some git repositories. I installed gitorious there. It is almost perfect. The one thing that I am struggling with right now is how can I make users authenticate using their username and…
Garrappachc
  • 111
  • 2
1
vote
1 answer

Apply HTTP Basic authentication only to root directory

I have setup a multi directory plain web application that need authentication only for root directory. All other sub directory I need to allow without password. I have setup HTTP Basic Authentication using .htaccess and .htpasswd. These files are…
Muneer
  • 135
  • 8
1
vote
1 answer

HTTP Basic auth in tomcat

I am trying to enable basic HTTP auth on my tomcat application. Also I want to keep it outside the application. I added a new user to tomcat-users.xml and set its role to 'app-user'. Then I added a file…
Amit
  • 121
  • 1
  • 8
1
vote
0 answers

IIS 7.5 http requesting basic authentication but https isn't

Server 2008 R2 IIS 7.5 Website Panel I have a multiple sites running that have a specific folder in each site, say PDFs, some changes have been made, but I don't know what and now if you try to access files in the PDFs folder for any site it will…
Aftab
  • 11
  • 2
1
vote
1 answer

basic auth on 2 different folders

I have nginx installed, and I want to use the built-in auth-basic module to authenticate on 2 different folders. Each folder should have its own user & password lists. For this i created 2 locations in the nginx config, and specified…
quamis
  • 362
  • 7
  • 18
1
vote
1 answer

Hiding a HTTP Auth-Realm by sending 404 to non-known IPs?

I have an Apache (2.2) serving a web-app on example.com. That web-app has a debug-page reachable via example.com/debug. /debug is currently protected with a HTTP basic auth. As there is only a very small user-base who has access to the debug-page, I…
zhenech
  • 1,492
  • 9
  • 13
1
vote
1 answer

HTTP digest authentication vs. HTTPS basic authentication

What is the difference between HTTP Digest Authentication and HTTPS basic authentication from a performance and security point of view?
qwert_ukg
  • 123
  • 1
  • 3
1
vote
2 answers

basic authentication with nginx - page loads before auth popup

I have nginx and I have a directory that uses basic authentication. However, the page loads fully before the authentication popup comes. Even if I press cancel I'm not redirect to 401 authorization required page. Anyone know how I can fix this? is…
Stephen K
  • 162
  • 8
1
vote
1 answer

Nginx reverse proxy, satisfy any causing all clients to be permitted

I am having a problem with satisfy any in a server or location block causing all clients to be permitted access, which afaik is not the expected behavior. server { listen 80; server_name raar.my.domain; satisfy any; allow…
az_
  • 143
  • 1
  • 8
1
vote
1 answer

Apache Basic Auth not working in customer network

I'm having trouble, letting a customer see a site that is locked with a simple Apache Basic Auth password file. It works in every browser on Mac, Windows and in our network. Even the customer get's it working at home, but not in his office. What…
spankmaster79
  • 121
  • 1
  • 9
1
vote
2 answers

Apache removes Authorization header

Apache is acting as a reverse proxy in my setup. The application server running on port 8081 requires a valid Authorization header. The header is set by the client application. Apache seems to remove this header. It does not reach the server on port…
tobiasbayer
  • 111
  • 1
  • 5
1 2 3
17 18