[Zope] Ahaaaa! Success Startup Authentication !!

Phil Harris phil@philh.org
Sun, 13 Jun 1999 23:05:16 +0100


Seems part of the problem may come from your rewrite rules,  you have

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^/cgi-bin/Zope/(.*) /home/httpd/cgi-bin/Zope/$1
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]

but surely this should be:

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^/Zope/(.*) /home/httpd/cgi-bin/Zope/$1
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]

Since the mapping goes from a url of http://your-server/Zope/manage to
http://your-server/cgi-bin/Zope/Zope.cgi

Seems like you've been trying to remap something to itself?

You might also want to try a later version of Zope as 1.09 is pretty
outdated.

Another note about using Zope with Apache, different versions of Apache
might need different RewriteRule's, since your using 1.3.6 you might try:

RewriteRule ^/Zope(.*) /home/httpd/cgi-bin/Zope$1
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]

This seems to work better with 1.3.6.

You also need to turn ExecCGI in the Directory statement for the dir with
Zope.cgi in (as you have done), later versions of Apache don't do this even
for it's own cgi-bin dir by default.

Anyway try my 'fixed' rewriterule and tell me if you have any problems as
I'm in the process of rewriting the WEBSERVER.txt file and would appreciate
any reports of trouble with the above rule.

HTH

Phil
Phil@philh.org



-----Original Message-----
From: Robert W. Canary <rwcanary@ohiocounty.net>
To: zope@zope.org <zope@zope.org>
Date: 13 June 1999 04:43
Subject: [Zope] Ahaaaa! Success Startup Authentication !!


>Okay,   I think I know what is causing the trouble.
>
>I found one thing that did not quit work the way the zope docs said.
>You should be able to *not* include the domain name in the access file
>(eq superuser:123)   I finally got to the point (agian) where I kept
>getting the  failed authorization.  Except this time when I clicked
>cancel I did not get the message that there was no Authorization header
>found.  Instead it said the username and password supplied were
>incorrect.   So I went back into the /var/local/Zope/access file and
>changed it to rwcanary:xxxxx:*.ohiocounty.net and it WORKED!
>
>Now how did I get to that point?
>
>First everything belongs to owner and group nobody.  With wide open rwx
>(I'll tighten the security tommorow).
>Also it seems that Zope must have its own directory.   I moved the
>Zope.cgi to "/home/httpd/cgi-bin/Zope/Zope.cgi"  I haven't seen any
>reference to this in the docs,  please correct me if I wrong.
>
>The Apache is configured as follows:
>/etc/httpd/conf/access.conf.........
><Directory /home/httpd/cgi-bin/Zope>
>Options ExecCGI
></Directory>
>
>/etc/httpd/conf/httpd.conf............
>RewriteEngine on
>RewriteCond %{HTTP:Authorization} ^(.*)
>RewriteRule ^/cgi-bin/Zope/(.*) /home/httpd/cgi-bin/Zope/$1
>[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
>
>/etc/httpd/conf/srm.conf...........
>ScriptAlias /cgi-bin/Zope/ /home/httpd/cgi-bin/Zope/
>
>This is Apache-modperl-1.3.6 and Zope-1.09
>
>For the record and archives I am pasting what a succesfull rewrite log
>should look like:
>
>(2) init rewrite engine with requested uri /cgi-bin/Zope/Zope.cgi/manage
>
>(3) applying pattern '^/cgi-bin/Zope/(.*)' to uri
>'/cgi-bin/Zope/Zope.cgi/manage'
>(4) RewriteCond: input='Basic c3VwZXJ1c2VyOjEyMw==' pattern='^(.*)' =>
>matched
>(2) rewrite /cgi-bin/Zope/Zope.cgi/manage ->
>/home/httpd/cgi-bin/Zope/Zope.cgi/manage
>(5) setting env variable 'HTTP_CGI_AUTHORIZATION' to 'Basic
>c3VwZXJ1c2VyOjEyMw=='
>(2) remember /home/httpd/cgi-bin/Zope/Zope.cgi/manage to have MIME-type
>'application/x-httpd-cgi'
>(2) local path result: /home/httpd/cgi-bin/Zope/Zope.cgi/manage
>(1) go-ahead with /home/httpd/cgi-bin/Zope/Zope.cgi/manage [OK]
>(1) force filename /home/httpd/cgi-bin/Zope/Zope.cgi to have MIME-type
>'application/x-httpd-cgi'
>(2) init rewrite engine with requested uri /manage
>(3) applying pattern '^/cgi-bin/Zope/(.*)' to uri '/manage'
>(1) pass through /manage
>
>I have one question?  After I log onto the "/Zope.cgi/manage" I can exit
>and then go backto /Zope/Zope.cgi/manage it goes directly to it.  It
>does not ask me for a username and password anymore.  Why?
>
>--
>robert canary
>system services
>OhioCounty.Net
>rwcanary@ohiocounty.net
>(270)298-9331 Office
>(270)298-7449 Fax
>
>
>
>
>_______________________________________________
>Zope maillist  -  Zope@zope.org
>http://www.zope.org/mailman/listinfo/zope
>
>(For developer-specific issues, use the companion list,
>zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )