RE: [squid-users] Strange htaccess problem

We found a partial solution but it's turned this into a different sort of
problem, now more curious than critical...

So we had users 1 and 2, directories A and B. 1 has access to A only, 2 has
access to A and B. The error page for the virtualhost for A was stored in
B.

When user 1 tried to access A, something in some of the documents (a .css
file) wasn't there so it wasn't loading. User 2 was asked for her password
twice, and it happened to be the same for both areas, so she didn't get
asked any more than that. User 1 was asked four times, after which it
displayed the page he was looking for. No error ar 'authentication needed'
screen was displayed in either case. So we couldn't tell these things were
being generated by hits to the error page until we checked the logs.

The strange thing is, this works differently under apache alone vs. squid
and apache together. Apache would silently ignore the fact that it couldn't
find the error screen for the .css file, or perhaps wouldn't look for one in
the first place, but when the request comes through squid, it seems to act
differently. Anyone know why this would be so?

Thanks,

Chris

> -----Original Message-----
> From: Joe Cooper [mailto:joe@swelltech.com]
> Sent: Monday, April 29, 2002 2:04 PM
> To: Chris Wade
> Cc: 'squid-users@squid-cache.org'
> Subject: Re: [squid-users] Strange htaccess problem
>
>
> Huh?
>
> Squid does nothing with Apache's .htaccess files...Squid doesn't know
> they exist, doesn't read them, doesn't think about them at
> all. Squid
> also will not ask the browser to authenticate unless you have
> explicitly
> configured Squid to use some form of authentication.
>
> Check to be sure Squid isn't configured to authenticate users (i.e.
> 'authenticate_program' and 'acl' and 'http_access' directives are not
> configured for authentication...this is obviously not the default, so
> unless you've done it yourself this isn't the cause of your troubles).
>
> Next step, take Squid out of the picture for testing and see if the
> behavior persists. If it does, fix your Apache, and put
> Squid back in.
>
> Chris Wade wrote:
> > Hi, I've searched through the archives and the FAQ and
> haven't found an
> > answer to this question.
> >
> > I'm running Squid 2.4 and Apache 1.3.19 with squid as an
> http accelerator.
> > My problem has to do with the way squid seems to be
> handling some .htaccess
> > files. I have one particular set of directories protected
> by a .htaccess
> > file. This works fine when I run apache without squid, but
> when I am
> > running squid one user has to enter his password three or
> four times for
> > every screen he goes to, while another user has to enter
> hers twice when she
> > enters this area and that's it. I have tried changing the
> troubled user's
> > password, to no effect, next I tried removing the .htaccess
> file altogether
> > (renamed it) and this had no effect. The authentication
> window kept popping
> > up. So I figured maybe squid was caching it somehow, and
> tried rebuilding
> > the cache as per the instructions in the FAQ (shutdown
> squid, move all cache
> > files, run squid -z again) and had no effect. I checked
> through every
> > directory on that path as well as the httpd.conf file
> itself and there is
> > nothing there that could be causing this authentication
> window to appear.
> > At one point I noticed that a user could click 'cancel' on the
> > authentication window and be let into the page when squid
> was running.
> >
> > Does anyone know why I would still see an http
> authentication window, after
> > having done all of the above?
> >
> > Thanks,
> > Chris
> >
> >
>
>
>
> --
> Joe Cooper <joe@swelltech.com>
> http://www.swelltech.com
> Web Caching Appliances and Support
>
Received on Tue Apr 30 2002 - 13:18:04 MDT