
Question

  • TWiki version: 01 Sep 2001
  • Web server: Apache 1.3
  • Server OS: Solaris
  • Web browser: Netscape 4.78
  • Client OS: Solaris

%INCLUDE{"%ATTACHURL%/b.html"}%

Causes the following message to appear on the page:

Authorization Required

This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

You can click on the attachment in the attachment table and view it successfully.

We are using a .htaccess file at the top level twiki directory (the parent of the cgi-bin directory).

AuthName "Our Network"
AuthType Basic
AuthUserFile /mntpoint/httpd/etc/passwd
require valid-user

There was some reason why we wanted to do this rather than put it in the cgi-bin directory, but I have now forgotten the reason.

I wonder if my problem has anything to do with the comments I saw in the view and viewauth scripts:

# To Do: Need to protect also %INCLUDE% and search

-- StevenGreenberg - 04 Feb 2002

Answer

My understanding is that your server becomes an intermediate client when including another URL. However, TWiki doesn't pass through either its own credentials or those of the true client (the browser). I worked around this by sending an appropriately formed HTTP "Authorization:" header containing the required authentication info for the server. This required a change to the processing for the %INCLUDE% variable.

See also IncludingAuthenticatedURLs

-- AndrewMould - 12 Feb 2002

You should be able to grab the incoming HTTP header for basic authentication, from the browser, and then recreate this in the outbound header to the server for the included page (assuming the userid and password are the same). Have a look at the docs for Perl's CGI.pm, which is used by TWiki, for how to grab and create headers - some sample code for the latter is at BackFromPreviewLosesText.

A much simpler solution, since this is all on the same server, would be to not use %ATTACHURL% when including attachments, but to use the OS pathname. Although this may have implications for the TWiki code...

-- RichardDonkin - 12 Feb 2002
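
The credential pass-through described in the answers above, as an added example that is not part of the original posts and not TWiki's own code: it replays the browser's Basic credentials on the include request only when the included URL has the same scheme, host and port as the wiki itself, so the password is never sent to a server outside the protected realm. The function names `origin_of` and `include_auth_header` and all sample URLs and credentials are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example: decide whether the browser's Basic credentials may be
# replayed on the server-side fetch that %INCLUDE{...}% performs.
# origin_of() and include_auth_header() are hypothetical helpers.

# Split an absolute http(s) URL into (scheme, host, port).
# Returns an empty list for anything else, including URLs with userinfo.
sub origin_of {
    my ($url) = @_;
    return unless defined $url
        && $url =~ m{^(https?)://([^/:?#\@\s]+)(?::(\d+))?(?:[/?#]|\z)}i;
    my ($scheme, $host, $port) = (lc $1, lc $2, $3);
    $port = $scheme eq 'https' ? 443 : 80 unless defined $port;
    return ($scheme, $host, $port);
}

# Return the Authorization value to send with the include request,
# or undef when the credentials must not be forwarded.
sub include_auth_header {
    my ($include_url, $own_url, $incoming_auth) = @_;
    return unless defined $incoming_auth
        && $incoming_auth =~ m{^Basic\s+[A-Za-z0-9+/]+=*\z}i;  # well-formed Basic only
    my @target = origin_of($include_url) or return;
    my @own    = origin_of($own_url)     or return;
    # Same scheme, host and port only: anything else would hand the user's
    # password to a server the .htaccess realm never covered.
    return "@target" eq "@own" ? $incoming_auth : undef;
}

# Constructed sample values ("wiki:secret" in Base64). In a CGI script the
# header would come from $ENV{HTTP_AUTHORIZATION}, which Apache does not
# export to CGI by default.
my $auth = 'Basic d2lraTpzZWNyZXQ=';
my $own  = 'http://wiki.example.com/twiki/bin/view/Main/WebHome';
for my $url ('http://wiki.example.com/twiki/pub/Main/WebHome/b.html',
             'http://wiki.example.com:8080/b.html',
             'https://wiki.example.com/b.html',
             'http://wiki.example.com@other.example/b.html',
             'http://other.example/b.html') {
    my $hdr = include_auth_header($url, $own, $auth);
    printf "%-50s %s\n", $url,
        defined $hdr ? 'forward Authorization' : 'no credentials';
}
```

Only the first sample URL is reported as eligible for forwarding; the different port, the different scheme, the userinfo trick and the foreign host are all fetched without credentials.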

Topic revision: r5 - 2002-05-21 - TWikiAdmin
 
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.