Bob B. Posted July 31, 2006 Share Posted July 31, 2006 I have Apache 2.2 running on Windows 2000 server. I cannot get .htaccess to recognize passords. I have encryped passwords via Perl using crypt ( ) and MD5 and neither work. If I enter the encryped code, it works but not the text equivilent.This is not a script problem as I have tested this as follows:I have a directory in httdocs called member-only. In this directory is .htaccess, .htpassword and an index.html that outputs the following when the password is accepted: "You can see this page or any other file under this directory because you are approved member!". Like I said, the only way I see this output is when I enter in the encrypted password.Here is the contents of my .htaccess:AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/member-only/.htpassword"AuthGroupFile /dev/nullAuthName "Only approved member access to this directory"AuthType Basic<Limit GET POST>require valid-user</Limit>Order allow,denySatisfy anyIn .htpassword I have:test:098f6bcd4621d373cade4e832627b4f6the password is the same as the user "test".I believe that the above encryption was last created with MD5 but can't remember as I have been trying so many things to solve this.You are also welcome to try this via this URL:http://www.civilwarfakes.com/member-onlyThe server error tells me nothing that I didn't know:[Mon Jul 31 10:22:46 2006] [error] [client 71.114.32.208] user test: authentication failure for "/member-only": Password MismatchIf anyone would like to help me tackle this, I would be glad to post my httpd config file. I am about at my wits end.Thanks, Bob B. Quote Link to comment Share on other sites More sharing options...
youcantoo Posted August 11, 2006 Share Posted August 11, 2006 [quote author=Bob B. link=topic=102462.msg406602#msg406602 date=1154366942]I have Apache 2.2 running on Windows 2000 server. I cannot get .htaccess to recognize passords. I have encryped passwords via Perl using crypt ( ) and MD5 and neither work. If I enter the encryped code, it works but not the text equivilent.This is not a script problem as I have tested this as follows:I have a directory in httdocs called member-only. In this directory is .htaccess, .htpassword and an index.html that outputs the following when the password is accepted: "You can see this page or any other file under this directory because you are approved member!". Like I said, the only way I see this output is when I enter in the encrypted password.Here is the contents of my .htaccess:AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/member-only/.htpassword"AuthGroupFile /dev/nullAuthName "Only approved member access to this directory"AuthType Basic<Limit GET POST>require valid-user</Limit>Order allow,denySatisfy anyIn .htpassword I have:test:098f6bcd4621d373cade4e832627b4f6the password is the same as the user "test".I believe that the above encryption was last created with MD5 but can't remember as I have been trying so many things to solve this.You are also welcome to try this via this URL:http://www.civilwarfakes.com/member-onlyThe server error tells me nothing that I didn't know:[Mon Jul 31 10:22:46 2006] [error] [client 71.114.32.208] user test: authentication failure for "/member-only": Password MismatchIf anyone would like to help me tackle this, I would be glad to post my httpd config file. I am about at my wits end.Thanks, Bob B.[/quote]You can not use clear text passwords with .htpasswd they must be encrypted. (MD5 I believe)Here is a script to create username:passwd sets http://www.flash.net/cgi-bin/pw.plAre you sure that this password is MD5 ???test:098f6bcd4621d373cade4e832627b4f6sure doesn't look like an MD5 encryption to me. Here is what I get when I run MD5 on my systemtest:pVLve9xwpV1Acfrom you error code it would appear that the passwords are not the same. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.