Return-Path: 
 <users-return-65745-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 71750 invoked from network); 12 Aug 2006 11:38:18 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 12 Aug 2006 11:38:18 -0000
Received: (qmail 42392 invoked by uid 500); 12 Aug 2006 11:38:08 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 42373 invoked by uid 500); 12 Aug 2006 11:38:08 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 42361 invoked by uid 99); 12 Aug 2006 11:38:07 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Aug 2006 04:38:07 -0700
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_HELO_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Received: from [213.84.83.144] (HELO smtp.sterenborg.info) (213.84.83.144)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Aug 2006 04:38:00 -0700
Received: from localhost (localhost [127.0.0.1])
	by smtp.sterenborg.info (Postfix) with ESMTP id EC650699C5
	for <users@httpd.apache.org>; Sat, 12 Aug 2006 13:37:32 +0200 (CEST)
X-Virus-Scanned: at sterenborg.info
Received: from tanjian (tanjian.sterenborg.info [10.0.1.1])
	(using TLSv1 with cipher RC4-MD5 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: rsterenborg)
	by smtp.sterenborg.info (Postfix) with ESMTP id DCBA3699C4
	for <users@httpd.apache.org>; Sat, 12 Aug 2006 13:37:24 +0200 (CEST)
From: "Rob Sterenborg" <rob@sterenborg.info>
To: <users@httpd.apache.org>
Date: Sat, 12 Aug 2006 13:37:01 +0200
Message-ID: <001f01c6be03$a0dd6100$0101000a@tanjian>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <200608121047.40818.nick@webthing.com>
Thread-Index: Aca99HRyn1os6wdTRA+JlE8Lwtl1tQADCUXw
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: RE: [users@httpd] DBD Authentication using MySQL
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Nick Kew <mailto:nick@webthing.com> wrote:
> On Saturday 12 August 2006 09:43, Rob Sterenborg wrote:
> 
>> But, I'm starting to feel stupid now and here's why.
>> When I point the browser to the url I'm prompted for my user/pass.
>> When I enter that information, there's no telling what Apache will
>> do: it may authenticate, but also it may not. If it authenticates
>> me, it will try to re-authenticate when I press the Refresh button
>> often enough (in both IE and FF). Also, when listing directories, I
>> don't see the full listing.
> 
> Random-looking behaviour is _probably_ due to browser cache.

In this case it apparently wasn't.

>> [Fri Aug 11 18:50:31 2006] [error] [client 10.0.1.1] user <me>:
>> authentication failure for "/mp3/S/index.php": Password Mismatch
> 
> That looks clear enough.  You are a valid user, but your
> encrypted password in the database doesn't match what your browser
> sent. 

I didn't have encrypted passwords because this was only testing and I
wanted to be able to check everything. I used "select encrypt(password)
from ..." which is something I found in a post, don't remember where.

> The easiest way to populate the database is probably to
> create individual entries using htpasswd or htdigest
> (depending on what method you use) and importing the values
> to your SQL.  And beware of charset issues if you have
> anything that's not ASCII-compatible.

This was a test where I used plaintext data (for passwd too) but it got
the UTF-8 charset setting when I didn't pay attention.. I changed all
fields into ASCII.
However this doesn't solve the problem.

I created a new field where I store the encrypted version of the
plaintext passwords: now it works..!

Thanks alot for the module and your patience!


Grts,
Rob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org