Authorization failure (no authenticated user) - .htaccess error, Apache

Question

I'm running Apache/2.4.7 (Ubuntu) Server and I'm trying to protect one of the directories 'myFolder' which is located at /var/www/html/myFolder

I made the following edits in /etc/apache2/apache2.conf file

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>


<Directory /var/www/html/myFolder>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
</Directory>

I created .htaccess in /var/www/myFolder with the following contents

AuthUserFile /var/www/html/myFolder/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user

Also created htpasswd by

htpasswd -c /var/www/html/myFolder/.htpasswd admin

which then prompts for password.

I then try to access the file on the browser www.mydoman.com/myFolder/hello.html and it prompts for username and password. However, the authentication does not go through.

Here is the error from the error.log file

[authz_core:error] [pid 30042] [client xxx.xxx.xx.xxx:53348] AH01629: authorization failure (no authenticated user): /myFolder/hello.html

How can I resolve this issue?

score 16 · Answer 1 · answered Mar 22 '15 at 02:17

16

A loaded mod-shib2 can cause this problem. According to this bug comment, setting ShibCompatValidUser On solves it.

Require valid-user does also work with mod_shib enabled. According to https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig this is only necessary for shib versions 2.5.2 and above. Note that ShibCompatValidUser is a server / virtual host option.

answered Mar 22 '15 at 02:17

Kilian Röhner

335
2
9

Thank you, this helped me a lot. – Ortomala Lokni Nov 28 '18 at 13:54

Authorization failure (no authenticated user) - .htaccess error, Apache

1 Answers1