access to / failed, reason: verification of user id

Alles, was den Apache betrifft, kann hier besprochen werden.

access to / failed, reason: verification of user id

Postby Chris08 » 29. January 2015 08:46

Hi there,

I've installed Apache 2.2 on my Raspberry Pi (OS: Raspbian), where I'm having problems with missing(?) modules.

Background: I want to secure a website with .htaccess which I've already got working after a while. So far, I go to that site and I have to log-in with my credentials.

As soon as I try to enter, the login-form appears again. The error.log gives me this message:

Code: Select all
[error] access to / failed, reason: verification of user id 'user' not configured


For me as an Apache beginner, it seems like theres a modul missing which does the verification.

These are my enabled modules:

Code: Select all
root@raspberrypi:~# apache2ctl -M
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
Loaded Modules:
 core_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 mpm_prefork_module (static)
 http_module (static)
 so_module (static)
 actions_module (shared)
 alias_module (shared)
 auth_digest_module (shared)
 authn_alias_module (shared)
 authn_anon_module (shared)
 authn_dbd_module (shared)
 authn_dbm_module (shared)
 authn_default_module (shared)
 authn_file_module (shared)
 authnz_ldap_module (shared)
 authz_dbm_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_owner_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 charset_lite_module (shared)
 dav_module (shared)
 dbd_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 ldap_module (shared)
 mime_module (shared)
 mime_magic_module (shared)
 negotiation_module (shared)
 php5_module (shared)
 proxy_module (shared)
 proxy_ajp_module (shared)
 proxy_balancer_module (shared)
 proxy_connect_module (shared)
 proxy_http_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 status_module (shared)
 unique_id_module (shared)
 userdir_module (shared)
Syntax OK


Any thoughts?
Thanks in advance!
Chris08
 
Posts: 2
Joined: 28. January 2015 15:42
Operating System: Raspbian

Re: access to / failed, reason: verification of user id

Postby Nobbie » 29. January 2015 14:17

In your .htaccess you have a line like

AuthUserFile /somewhere/else/.htpasswd

and the error message means, that Apache cannot read that file. This may have different reasons, either simply a typo in the filename or path, or invalid (i.e.) missing rights. Apache is executed by a certain User (this is determined by "User = ..." in httpd.conf) and this user does not have sufficient rights to read /somewhere/else/.htpasswd

Either the file itself and/or the parent folders cannot be read be the User which executes Apache. Keep in mind, that you have to grant sufficient rights as well to .htpasswd, but also to ALL parent folders (as well /somewhere and as well /somewhere/else) etc.

Finally, a third case may occur, the file is readable for Apache, but the contents is invalid. The .htpasswd file has to be created via the htpasswd command and you MUST NOT edit .htpasswd instead with an editor.
Nobbie
 
Posts: 8780
Joined: 09. March 2008 13:04

Re: access to / failed, reason: verification of user id

Postby Chris08 » 29. January 2015 16:01

The rights on either .htaccess or .htpasswd have the rights so that everyone can read, execute or change. Same goes for the directives /var/ and /var/www/.

I don't have a httpd.conf, but on debian, the apache2.conf is the same as that one - but I can't find an entry about a user in that.

The htpasswd file is also created with the command htpasswd -c /var/www/.htpasswd user

Any other possibilities?


Thanks in advance!
Chris08
 
Posts: 2
Joined: 28. January 2015 15:42
Operating System: Raspbian

Re: access to / failed, reason: verification of user id

Postby Nobbie » 29. January 2015 17:29

Chris08 wrote:but I can't find an entry about a user in that.



Run a

Code: Select all
sudo grep -r -i user *


in /etc/apache2.d (or whereever your Apache config files are) if you can find it somewhere else. Or run a "ps -fe" in a terminal, watch out for Apache and look into the first column, it shows the userid of the process. But anyway, i dont have any other idea, As a matter of fact the error message says, that there is problem with evaluating the given user to .htpasswd - you must find out why. It is to hard for me to debug this remotely.
Nobbie
 
Posts: 8780
Joined: 09. March 2008 13:04


Return to Apache

Who is online

Users browsing this forum: No registered users and 4 guests