[freeside] Authorization Question

Dana Hudes dhudes at hudes.org
Sun Sep 30 09:49:53 PDT 2001


do you have suexec? check your suexec logfile.
suexec doesn't like if your cgi is writeable by anyone other than owner
also it needs group execution permission


----- Original Message ----- 
From: "Jason" <jbrunk at whitetec.com>
To: <ivan-freeside at sisd.com>
Sent: Sunday, September 30, 2001 12:44 PM
Subject: Re: [freeside] Authorization Question


> ok, now i have all that setup again.  now this is going to sound real bad,
> but i am having some problems getting apache to let me access the cgis from
> what i can see i have all the permissions correct, but probably not.  i
> usually don't do too much cgi on my bsd boxes  so any help would be
> appreciated.
> 
> 
> ----- Original Message -----
> From: "Dana Hudes" <dhudes at hudes.org>
> To: <ivan-freeside at sisd.com>
> Sent: Sunday, September 30, 2001 12:35 PM
> Subject: Re: [freeside] Authorization Question
> 
> 
> OK, I see your utter confusion.
> Freeside demands that first you authenticate to apache. To that end you need
> a .htpasswd
> file (and you can also set up groups if you wanted, all the Apache auth
> stuff).
> mapsecrets is *not* an Apache UserAuthFile
> its for Freeside, not apache. Its none of Apache's business.
> 
> N.B. you do not have to use .htpasswd as the name for AuthUserFile
> its just common practice -- whatever you call it, put it in ServerRoot not
> DocumentRoot (or below).
> 
> ----- Original Message -----
> From: "Jason" <jbrunk at whitetec.com>
> To: <ivan-freeside at sisd.com>
> Sent: Sunday, September 30, 2001 12:24 PM
> Subject: Re: [freeside] Authorization Question
> 
> 
> > i understand how the .htaccess works, but what i am curious about comes
> from
> > this page of the documentation.
> >
> > http://www.sisd.com/freeside/docs/config.html
> >
> > the third option down, "which maps Apache users to a file which contains
> DBI
> > data source, username and password.  Every line in
> > /usr/local/etc/freeside/mapsecrets shold contain a username and a
> "filename"
> > seperated by whitespace"
> >
> > that is what is confusing me, because i thought if i use htpassword to
> > create/modify my mapsecrets file, then it would be username/password not
> > username/filename  so if i create my mapsecrets file with
> username/password
> > then where does the file with the datasource/user/pass come in?
> >
> >
> > maybe that explains my confusion a little better :)  thanx for helping so
> > far:)
> >
> > jason
> > ----- Original Message -----
> > From: "Dana Hudes" <dhudes at hudes.org>
> > To: <ivan-freeside at sisd.com>
> > Sent: Sunday, September 30, 2001 12:00 PM
> > Subject: Re: [freeside] Authorization Question
> >
> >
> > > I don't know what you're thinking of but you specified "mapsecrets"
> > > as the file containing your apache authorization information.
> > > so feed that to htpasswd
> > >
> > > Please read the information on apache and access control from mod_auth
> and
> > > htpasswd then come back with questions on what you have read.
> > > To do otherwise is somewhat inconsiderate.
> > >
> > > On Sun, 30 Sep 2001, Jason wrote:
> > >
> > > > Date: Sun, 30 Sep 2001 11:56:49 -0400
> > > > From: Jason <jbrunk at whitetec.com>
> > > > Reply-To: ivan-freeside at sisd.com
> > > > To: ivan-freeside at sisd.com
> > > > Subject: Re: [freeside] Authorization Question
> > > >
> > > > is the rest of my configuration correct though?
> > > >
> > > > when i create the authuserfile, do i add it into my .htaccess file?
> how
> > does apache know to use the mapsecrets?
> > > >
> > > > jason
> > > >
> > > >     in my .htaccess file i have the following.
> > > >
> > > >     AuthName "restricted stuff"
> > > >     AuthType Basic
> > > >     AuthUserFile /usr/local/etc/freeside/mapsecrets
> > > >     require valid-user
> > > >
> > > >     then in my mapsecrets i have
> > > >
> > > >     admin sec_admin
> > > >
> > > >     where admin is the user and sec_admin is the secrets file
> > > >
> > > >     then in my sec_admin file i have
> > > >
> > > >     DBI:mysql:freeside
> > > >     freeside
> > > >     free1
> > > >
> > > >
> > > >     where the first line is my connection string
> > > >     second is my dbusername
> > > >     third is dbpassword
> > > >
> > > >     so i guess what i am askig is, where do i assign the password for
> > the account admin?  do i have something messed up?
> > > >
> > > >     jason
> > > >
> > > >
> > >
> > >
> > >
> 
> 
> 




More information about the freeside-users mailing list