Need htaccess help

[Bob B.]

I have Apache 2.2 running on Windows 2000 server. I cannot get .htaccess to recognize passords. I have encryped passwords via Perl using crypt ( ) and MD5 and neither work. If I enter the encryped code, it works but not the text equivilent.
This is not a script problem as I have tested this as follows:
I have a directory in httdocs called member-only. In this directory is .htaccess, .htpassword and an index.html that outputs the following when the password is accepted: "You can see this page or any other file under this directory because you are approved member!". Like I said, the only way I see this output is when I enter in the encrypted password.

Here is the contents of my .htaccess:

AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/member-only/.htpassword"
AuthGroupFile /dev/null
AuthName "Only approved member access to this directory"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
Order allow,deny
Satisfy any

In .htpassword I have:

test:098f6bcd4621d373cade4e832627b4f6

the password is the same as the user "test".

I believe that the above encryption was last created with MD5 but can't remember as I have been trying so many things to solve this.
You are also welcome to try this via this URL:
http://www.civilwarfakes.com/member-only
The server error tells me nothing that I didn't know:
[Mon Jul 31 10:22:46 2006] [error] [client 71.114.32.208] user test: authentication failure for "/member-only": Password Mismatch

If anyone would like to help me tackle this, I would be glad to post my httpd config file. I am about at my wits end.

Thanks,
   Bob B.

[youcantoo]

[quote author=Bob B. link=topic=102462.msg406602#msg406602 date=1154366942]
I have Apache 2.2 running on Windows 2000 server. I cannot get .htaccess to recognize passords. I have encryped passwords via Perl using crypt ( ) and MD5 and neither work. If I enter the encryped code, it works but not the text equivilent.
This is not a script problem as I have tested this as follows:
I have a directory in httdocs called member-only. In this directory is .htaccess, .htpassword and an index.html that outputs the following when the password is accepted: "You can see this page or any other file under this directory because you are approved member!". Like I said, the only way I see this output is when I enter in the encrypted password.

Here is the contents of my .htaccess:

AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/member-only/.htpassword"
AuthGroupFile /dev/null
AuthName "Only approved member access to this directory"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
Order allow,deny
Satisfy any

In .htpassword I have:

test:098f6bcd4621d373cade4e832627b4f6

the password is the same as the user "test".

I believe that the above encryption was last created with MD5 but can't remember as I have been trying so many things to solve this.
You are also welcome to try this via this URL:
http://www.civilwarfakes.com/member-only
The server error tells me nothing that I didn't know:
[Mon Jul 31 10:22:46 2006] [error] [client 71.114.32.208] user test: authentication failure for "/member-only": Password Mismatch

If anyone would like to help me tackle this, I would be glad to post my httpd config file. I am about at my wits end.

Thanks,
  Bob B.
[/quote]

You can not use clear text passwords with .htpasswd they must be encrypted. (MD5 I believe)

Here is a script to create username:passwd sets
http://www.flash.net/cgi-bin/pw.pl

Are you sure that this password is MD5  ???
test:098f6bcd4621d373cade4e832627b4f6

sure doesn't look like an MD5 encryption to me. Here is what I get when I run MD5 on my system
test:pVLve9xwpV1Ac

from you error code it would appear that the passwords are not the same.