.htaccess LogOn Oddity

Hi,

I password protect some areas on some web sites on my server
 
using .htaccess.  I'm currently running httpd 2.0.49
compiled from  
source on a RedHat 7.3 web server.  For some reason unknown
to me,  
the logon screen never works on the first try.  I'll fill
out  
authentication dialog box, execute it, and the
"Authentication  
Required" box reappears.  If I re-enter the information
a second  
time, the authentication works.  This seems to occur on
various  
browsers on both the XP and Mac platforms.

Here's the directive I use to enable .htaccess

<Directory "/home/local/directory">
     AllowOverride AuthConfig
     Options Indexes FollowSymLinks Includes
     Order allow,deny
     Allow from all
</Directory>

Any insight into this would be greatly appreciated.  Thanks
in  
advance for the help.

Bob Cohen
Principal, MojoTools Web Design
Blues Harmonica Lessons
Web   :   www.mojotools.com

------------------------------------------------------------
---------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://htt
pd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribehttpd.apache.org
   "   from the digest: users-digest-unsubscribehttpd.apache.org
For additional commands, e-mail: users-helphttpd.apache.org

On 1/29/07, Bob Cohen <bobmojotools.com> wrote:
> Hi,
>
> I password protect some areas on some web sites on my
server
> using .htaccess.  I'm currently running httpd 2.0.49
compiled from
> source on a RedHat 7.3 web server.  For some reason
unknown to me,
> the logon screen never works on the first try.  I'll
fill out
> authentication dialog box, execute it, and the
"Authentication
> Required" box reappears.  If I re-enter the
information a second
> time, the authentication works.  This seems to occur on
various
> browsers on both the XP and Mac platforms.

>From the 1.3 FAQ, but applies to all versions:
http://httpd.apache.org/docs/1.3/misc/FAQ.html#prom
pted-twice

Joshua.

------------------------------------------------------------
---------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://htt
pd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribehttpd.apache.org
   "   from the digest: users-digest-unsubscribehttpd.apache.org
For additional commands, e-mail: users-helphttpd.apache.org

On Jan 29, 2007, at 1:07 PM, Joshua Slive wrote:

>> From the 1.3 FAQ, but applies to all versions:
> http://httpd.apache.org/docs/1.3/misc/FAQ.html#prom
pted-twice

Thank you very much Joshua! Three remedies are suggested:

1. Always use the trailing slash when requesting
directories;
2. Change the ServerName to match the name you are using in
the URL;  
and/or
3. Set UseCanonicalName off.

I already verified that the trailing slash works. Which is
is the  
"best practices" solution?

Bob Cohen
Principal, MojoTools Web Design
Blues Harmonica Lessons
Web   :   www.mojotools.com

------------------------------------------------------------
---------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://htt
pd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribehttpd.apache.org
   "   from the digest: users-digest-unsubscribehttpd.apache.org
For additional commands, e-mail: users-helphttpd.apache.org

On 1/29/07, Bob Cohen <bobmojotools.com> wrote:
>
> On Jan 29, 2007, at 1:07 PM, Joshua Slive wrote:
>
> >> From the 1.3 FAQ, but applies to all
versions:
> > http://httpd.apache.org/docs/1.3/misc/FAQ.html#prom
pted-twice
>
> Thank you very much Joshua! Three remedies are
suggested:
>
> 1. Always use the trailing slash when requesting
directories;
> 2. Change the ServerName to match the name you are
using in the URL;
> and/or
> 3. Set UseCanonicalName off.
>
> I already verified that the trailing slash works. Which
is is the
> "best practices" solution?

I would recommend doing this:
http://wiki.apache.org/httpd/Recipes/CanonicalHostNames
which assures that you are redirected to the canonical name
before any
authentication happens.  But if you are looking for an easy
solution,
3 works just fine (and is the default in all recent versions
of
apache).

Joshua.

------------------------------------------------------------
---------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://htt
pd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribehttpd.apache.org
   "   from the digest: users-digest-unsubscribehttpd.apache.org
For additional commands, e-mail: users-helphttpd.apache.org

On Jan 29, 2007, at 1:35 PM, Joshua Slive wrote:

> I would recommend doing this:
> http://wiki.apache.org/httpd/Recipes/CanonicalHostNames
> which assures that you are redirected to the canonical
name before any
> authentication happens.  But if you are looking for an
easy solution,
> 3 works just fine (and is the default in all recent
versions of
> apache).

Thanks.  I'll look into both.  I was hoping I wouldn't have
to  
remember the trailing slash all the time. 

Bob

------------------------------------------------------------
---------
The official User-To-User support forum of the Apache HTTP
Server Project.
See <URL:http://htt
pd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribehttpd.apache.org
   "   from the digest: users-digest-unsubscribehttpd.apache.org
For additional commands, e-mail: users-helphttpd.apache.org