bozohttpd .htpasswd basic auth being non recursive

To: netbsd-users <netbsd-users%netbsd.org@localhost>
Subject: bozohttpd .htpasswd basic auth being non recursive
From: Mayuresh <mayuresh%acm.org@localhost>
Date: Fri, 31 May 2019 23:18:40 +0530

man httpd makes it clear that the .htpasswd authentication does not apply
to subdirectories.

     .htpasswd exists in the directory of the current request, bozohttpd will
     restrict access to documents in that directory using the RFC 2617 HTTP
     “Basic” authentication scheme.

     Note: This does not recursively protect any sub-directories.

Now, if one writes a script to replicate .htpasswd down the subdirs, that
could have solved it. However now, most annoyingly, the browser would
popup the password dialogue when you try to go to subdirectory.

Has anyone come across this situation and how do you deal with it. I like
bozohttpd's minimalistic approach and would switch away from it only as a
last resort.

Mayuresh

Follow-Ups:
- Re: bozohttpd .htpasswd basic auth being non recursive
  - From: Mayuresh

Prev by Date: Re: GPT BIOS boot
Next by Date: Re: bozohttpd .htpasswd basic auth being non recursive
Previous by Thread: intrctl(8)
Next by Thread: Re: bozohttpd .htpasswd basic auth being non recursive
Indexes:

Home | Main Index | Thread Index | Old Index