The Omni Group
These forums are now read-only. Please visit our new forums to participate in discussion. A new account will be required to post in the new forums. For more info on the switch, see this post. Thank you!

Go Back   The Omni Group Forums > OmniWeb > OmniWeb Bug Reports
FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
OmniWeb + Keychain + Basic Authentication = confusion Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
My consulting website is hosted on a Mac OS X Server. I use Basic Authentication to provide a protected sub-site for each client. The structure looks like this:
www.mydoman.com
clients
mary
steve
...
Each client has their own username and password. Only I can access the "clients" folder. Each client folder can be access by just the client and me (ward). I've been using this scheme for a couple of years.

Starting a couple of days ago, I began having trouble accessing "/clients/index.html". I'd either be prompted for my username + password (which OmniWeb should have found in my Keychain), or I'd get an "Authorization Required" error page.

I think I found what's happening - creating a new client folder messes up Keychain:
  1. Add the client folder to the site.
  2. Using Server Admin, add a new protected realm for the folder, allowing access by the client and me.
  3. Attempt to open the client home page (e.g., /clients/linda/index.html). Although I have already authenticated at the "/clients" level, OmniWeb prompts me for a username + password.
  4. Although I've never really understood why my authorization at the "/clients" level doesn't automatically give me access to the individual client folders, I'm forced to respond. My practice has been to enter the client's username + password - this validates the setup I did in Server Admin, and it records the client username and password in my Keychain.
At this point, I can see the new client home page.

All seems fine until I attempt to open "/clients/index.html" ... the "Authorization Required" error page appears.

In Keychain Access, I see that the most recent keychain entry looks like this:
Name: www.mydomain.com
Kind: Internet password
Account: ward
Where: http://www.mydomain.com
Comments: default
Show password: linda's password
This entry has two problems:
  • "Where" is the root of my site.
  • My account name is matched with the new client's password.
Two things happened about the time I first noticed the symptoms of this problem:
  • I upgraded to OmniWeb 5.7 beta 2.
  • I added a couple of new client folders.
So I'm not sure whether to point the bug finder at OmniWeb or Keychain (which may have been updated when I upgraded to 10.5.2 several weeks ago).

[submitted as formal feedback]
 
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Similar Threads
Thread Thread Starter Forum Replies Last Post
Omni Sync Requires Authentication message Calvineb OmniFocus Syncing 3 2011-08-31 10:11 PM
Server Requires Authentication Patrick923 OmniFocus 1 for Mac 3 2011-07-14 09:56 AM
Requires Authentication Every 15 minutes?! (Driving Me Crazy) HappyDude Other WebDAV 7 2009-09-12 07:40 PM
Authentication panel bug WebJIVE OmniWeb Bug Reports 0 2008-01-10 11:20 AM
DAV authentication not saved blofeld OmniWeb Bug Reports 4 2006-12-22 07:07 AM


All times are GMT -8. The time now is 01:11 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.