Ahaaaa! Success Startup Authentication !!
Okay, I think I know what is causing the trouble. I found one thing that did not quit work the way the zope docs said. You should be able to *not* include the domain name in the access file (eq superuser:123) I finally got to the point (agian) where I kept getting the failed authorization. Except this time when I clicked cancel I did not get the message that there was no Authorization header found. Instead it said the username and password supplied were incorrect. So I went back into the /var/local/Zope/access file and changed it to rwcanary:xxxxx:*.ohiocounty.net and it WORKED! Now how did I get to that point? First everything belongs to owner and group nobody. With wide open rwx (I'll tighten the security tommorow). Also it seems that Zope must have its own directory. I moved the Zope.cgi to "/home/httpd/cgi-bin/Zope/Zope.cgi" I haven't seen any reference to this in the docs, please correct me if I wrong. The Apache is configured as follows: /etc/httpd/conf/access.conf......... <Directory /home/httpd/cgi-bin/Zope> Options ExecCGI </Directory> /etc/httpd/conf/httpd.conf............ RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^/cgi-bin/Zope/(.*) /home/httpd/cgi-bin/Zope/$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] /etc/httpd/conf/srm.conf........... ScriptAlias /cgi-bin/Zope/ /home/httpd/cgi-bin/Zope/ This is Apache-modperl-1.3.6 and Zope-1.09 For the record and archives I am pasting what a succesfull rewrite log should look like: (2) init rewrite engine with requested uri /cgi-bin/Zope/Zope.cgi/manage (3) applying pattern '^/cgi-bin/Zope/(.*)' to uri '/cgi-bin/Zope/Zope.cgi/manage' (4) RewriteCond: input='Basic c3VwZXJ1c2VyOjEyMw==' pattern='^(.*)' => matched (2) rewrite /cgi-bin/Zope/Zope.cgi/manage -> /home/httpd/cgi-bin/Zope/Zope.cgi/manage (5) setting env variable 'HTTP_CGI_AUTHORIZATION' to 'Basic c3VwZXJ1c2VyOjEyMw==' (2) remember /home/httpd/cgi-bin/Zope/Zope.cgi/manage to have MIME-type 'application/x-httpd-cgi' (2) local path result: /home/httpd/cgi-bin/Zope/Zope.cgi/manage (1) go-ahead with /home/httpd/cgi-bin/Zope/Zope.cgi/manage [OK] (1) force filename /home/httpd/cgi-bin/Zope/Zope.cgi to have MIME-type 'application/x-httpd-cgi' (2) init rewrite engine with requested uri /manage (3) applying pattern '^/cgi-bin/Zope/(.*)' to uri '/manage' (1) pass through /manage I have one question? After I log onto the "/Zope.cgi/manage" I can exit and then go backto /Zope/Zope.cgi/manage it goes directly to it. It does not ask me for a username and password anymore. Why? -- robert canary system services OhioCounty.Net rwcanary@ohiocounty.net (270)298-9331 Office (270)298-7449 Fax
paul@digicool.com (Paul Everitt) writes:
"Robert W. Canary" wrote:
I found one thing that did not quit work the way the zope docs said.
I think you're right. Could you do us a favor:
1) Write up all your impressions about how the install docs could be improved.
2) Specifically highlight the area that is incorrect.
Hmm... I also set up Zope using pcgi access. I'm using ZServer, but the apache setup should be the same. I did not encounter any of the above problems. There was just one problem: I had played around with several different methods of Access to Zope. At one time I had an entry in srm.conf saying ScriptAlias /Zope/ /usr/local/Zope-1.10.2/Zope.cgi This worked seamlessly if I let the apache server do the authentification (with appropriate entries in access.conf). But when I switched to Zope's own authentication, I had to REMOVE all ScriptAlias lines !!! And replace them with a simple RewriteRule in httpd.conf: RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^/Zope/(.*) /usr/local/Zope-1.10.2/Zope.cgi/$1 [e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l] (straight from the Doc). I have no problems with this setup. The important thing is: No ScriptAlias if you have a rewrite rule !! (I found this using the log feature of mod_rewrite with a fairly high log-level). I hope, this is helpful :-) Stefan.
"Robert W. Canary" wrote:
I found one thing that did not quit work the way the zope docs said.
I think you're right. Could you do us a favor: 1) Write up all your impressions about how the install docs could be improved. 2) Specifically highlight the area that is incorrect. There is an imminent (next day or so) Zope2 alpha coming out. It would be nice to get any corrections into the file before then. [snip]
I have one question? After I log onto the "/Zope.cgi/manage" I can exit and then go backto /Zope/Zope.cgi/manage it goes directly to it. It does not ask me for a username and password anymore. Why?
The browser stores the username and pasword based on the "realm" that the website states. This is all part of the HTTP Basic Authentication spec. If you quit all your browsers and go back, you'll be prompted again. --Paul
participants (3)
-
Paul Everitt -
Robert W. Canary -
Stefan Bund