httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Staffan Bergh <>
Subject Re: [users@httpd] passwords with strange characters doesn't work?
Date Fri, 04 Sep 2009 08:41:09 GMT
Eric Covener wrote:
> On Thu, Sep 3, 2009 at 7:51 AM, Staffan Bergh<> wrote:
>> Hi, I'm having a problem with authentication against our apache server.
>> Setup:
>>  apache 2.2.13 on windows XP sp3
>> in httpd.conf
>> <Location /test>
>>  AuthName "Test"
>>  AuthType Basic
>>  AuthUserFile C:/test/passwd
>>  Require valid-user
>> </Location>
>> In the passwd file, constructed with the apache htpasswd program on the
>> command line, is a user 'test'. With password 'testtestö' (note the last
>> character, it's a swedish o-with-umlaut) I get repeated queries for the
>> username/password
>> and in the error log
>>  [Thu Sep 03 10:28:16 2009] [error] [client] user test:
>> authentication failure for "/test": Password Mismatch
> They have to match byte-for-byte, not just be the same characters in
> their respective codepages.
> In a terminal it's relatively easy, but guessing how different
> browsers will read then decide what to put on the wire is hard.
> LDAP is unique in that we always know the real passwords are UTF-8,
> but we still can't do anything with a local codepage password
> reliably. There is a controversial feature that tries to guess/convert
> here:
> It essentially guesses things like Accept-Language: Y implies the
> browser sent the basic auth credentials in local codepage X.

Thanks for the explanation. Tried AuthLDAPCharSetConfig, but that made no
difference to the svn client access (no surprise there ...).

I guess I'll simply have to resign myself to 7-bit ASCII for passwords ...

Cheers /staffan

Staffan Bergh
System developer, KI Biobank, Karolinska Institutet
e: / p: +46 8 524 87152

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message