[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modssl
Subject:    Re: AuthType and SSL
From:       "Cliff Woolley" <jwoolley () wlu ! edu>
Date:       1999-12-22 22:33:56
[Download RAW message or body]

>>> "Keith Vance" <Kvance@prmc.com> 12/22/99 02:06PM >>>

>The https is setup as a virtual host, right?
>And I can tell it which directory to use for this virtual host.

Generally, yes.

>Do I have to create a <Directory> entry in my httpd.conf
>file for the same directory that I want to protect. I obviously
>know nothing about SSL or virtual hosts, I have a lot of reading to
do.

Yes.  Or a .htaccess file in that directory.  (AuthType and its pals
can only be located within per-directory configuration sections, which
is why you're getting the error on startup.)

>My other question is, will mod_ssl encrypt my passwords?

Yes.  SSL is a layer below HTTP or whatever other protocol you choose
to run on top of it.  So for HTTP(S) purposes, both the request and the
response are encrypted, including the basic auth information, which is
sent as a request header.

>If I setup a virtual host with the directory
>/usr/local/apache/wwwroot/it and do
>authentication at that level, can I then
>do further authentication at the
>/usr/local/apache/wwwroot/it/routers?

Yep.  Either make a new <Directory> block or, again, you can use a
.htaccess file in that directory.

--Cliff

Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/

Work: (540) 463-8089
Pager: (540) 462-2303
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org

[prev in list] [next in list] [prev in thread] [next in thread]