teammpp

Registered
Oct 1, 2005
2
0
151
Hi,

One of my clients set up a custom 401 error page but there appears to be a problem. I have looked at this myself and still cant seem to resolve it.

When the 401 page comes up we get the following on the screen.

Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

Additionally, a 401 Authorization Required error was encountered while trying to use an ErrorDocument to handle the request.
Any idea how to cure this additional error that has been encountered?
 

Izzee

Well-Known Member
Feb 6, 2004
469
0
166
The 401 error page should be named 401.shtml and placed in the web root directory.
When you get the

Additionally, a 401 Authorization Required error was encountered while trying to use an ErrorDocument to handle the request.

the server can't find this 401.shtml file in the above directory.

You can put these custom error pages 400, 401, 403, 404 (or indeed any of the error pages) in the same root web directory also.

In an htaccess file you can redirect error pages to another named page of your choice.

Example add this statement and create a file oops.shtml in your root web directory:

ErrorDocument 404 /oops.shtml

will redirect the 404 error to oops.shtml which is a custom error page that you created.

Hope this is what you are after and helps with your error pages issues.
 

teammpp

Registered
Oct 1, 2005
2
0
151
Hmm, this is weird. Thats how I had set it up when trying myself. I double checked but still giving the same error.
 

Izzee

Well-Known Member
Feb 6, 2004
469
0
166
Remember to flush your browser's cache when dealing with htaccess changes.

The server is not able to access the error pages in the web root directory because of the authentication issues. Try moving the 401.shtml to a non protected directory and refer to that directory in your .htaccess file.

Examples:
errordocument 401 http://protecteddomain.tld/nonprotecteddir/401.shtml
or
errordocument 401 /home/user/public_html/nonprotecteddir/401.shtml
or
errordocument 401 /unprotecteddirectory/401.shtml
etc.

Error pages have to be local and reletive or actual to the .htaccess file and not in a protected directory.

There may be other .htaccess directive work arounds like this I found in another forum I frequent:
Custom error documents must not reside in a protected directory, or if they do, provisions must be made so that those error documents are not password-protected. An example would be to examine the requested URL and set a flag with SetEnvIf, then test that flag with Allow from (mod_access) and then use "Satisfy any" (core) so that authorization is bypassed for ErrorDocument URL requests.
Info about the SetEnvIf directive and all the rest can be found here:
http://httpd.apache.org/docs/mod/directives.html
 
Last edited: