The Omni Group Forums

The Omni Group Forums (http://forums.omnigroup.com/index.php)
-   OmniWeb Bug Reports (http://forums.omnigroup.com/forumdisplay.php?f=27)
-   -   OmniWeb + Keychain + Basic Authentication = confusion (http://forums.omnigroup.com/showthread.php?t=7620)

Ward 2008-03-26 01:16 PM

OmniWeb + Keychain + Basic Authentication = confusion
 
My consulting website is hosted on a Mac OS X Server. I use Basic Authentication to provide a protected sub-site for each client. The structure looks like this:[INDENT]www.mydoman.com[INDENT]clients[INDENT]mary
steve
...[/INDENT][/INDENT][/INDENT]Each client has their own username and password. Only I can access the "clients" folder. Each client folder can be access by just the client and me (ward). I've been using this scheme for a couple of years.

Starting a couple of days ago, I began having trouble accessing "/clients/index.html". I'd either be prompted for my username + password (which OmniWeb should have found in my Keychain), or I'd get an "Authorization Required" error page.

I think I found what's happening - creating a new client folder messes up Keychain:[LIST=1][*]Add the client folder to the site.[*]Using Server Admin, add a new protected realm for the folder, allowing access by the client and me.[*]Attempt to open the client home page (e.g., /clients/linda/index.html). Although I have already authenticated at the "/clients" level, OmniWeb prompts me for a username + password.[*]Although I've never really understood why my authorization at the "/clients" level doesn't automatically give me access to the individual client folders, I'm forced to respond. My practice has been to enter the client's username + password - this validates the setup I did in Server Admin, and it records the client username and password in my Keychain.[/LIST]At this point, I can see the new client home page.

All seems fine until I attempt to open "/clients/index.html" ... the "Authorization Required" error page appears.

In Keychain Access, I see that the most recent keychain entry looks like this:[INDENT]Name: www.mydomain.com
Kind: Internet password
Account: [COLOR="Red"]ward[/COLOR]
Where: [COLOR="red"]http://www.mydomain.com[/COLOR]
Comments: default
Show password: [COLOR="Red"]linda's password[/COLOR][/INDENT]This entry has two problems:[LIST][*]"Where" is the root of my site.[*]My account name is matched with the new client's password.[/LIST]Two things happened about the time I first noticed the symptoms of this problem:[LIST][*]I upgraded to OmniWeb 5.7 beta 2.[*]I added a couple of new client folders.[/LIST]So I'm not sure whether to point the bug finder at OmniWeb or Keychain (which may have been updated when I upgraded to 10.5.2 several weeks ago).

[SIZE="1"][submitted as formal feedback][/SIZE]


All times are GMT -8. The time now is 03:34 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.