httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bo Berglund <bo.bergl...@gmail.com>
Subject [users@httpd] Re: Cannot get Apache 2 basic authentication working with CRYPT on Win7
Date Tue, 30 Apr 2013 15:12:07 GMT
On Tue, 30 Apr 2013 10:31:07 -0400, Ben Johnson <ben@indietorrent.org>
wrote:

>
>
>On 4/30/2013 9:06 AM, Bo Berglund wrote:
>> I have a local Apache 2.2 server on my development PC. It is running
>> on Windows7X64.
>> Some of our folders are protected and we use .htpasswd files to
>> authenticate the users with CRYPT-ed passwords.
>> THe whole website is version controlled in CVS and I work on a checked
>> out copy of the website.
>> 
>> Now I need to develop some PHP scripts and these need to know which
>> user is logged on so for debugging I must get the authentication
>> going.
>> But so far I have been out of luck using the file with CRYPT:ed
>> passwords.
>> 
>> I discovered:
>> If I use the htpasswd command to create a password on the Win7 box it
>> seems to totally disregard the command line switch to make a CRYPT
>> password, instead it always forces use of MD5.
>> 
>> On the real server (at Network Solutions) the normal .htpasswd file
>> works just fine.
>> 
>> How can I make Apache2.2 on Win7X64 use the existing passwords so I
>> can continue developing the PHP scripts?
>> 
>> 
>
>Hi, Bo,
>
>While I can't identify the cause of your issue readily, I can suggest a
>fine alternative: use database authentication instead.
>
>Here's an excerpt from a blog comment that I wrote some time ago; it
>should steer you in the right direction if you are open to my suggestion.
>
>From:
>http://www.pitr.net/index.php/2007/08/08/internal-error-pcfg_openfile-called-with-null-filename/
>---------------------------------------------------------------
>[...] Windows users do not have the ability to specify "AuthUserFile
>/dev/null". Furthermore, that is an undesirable solution (as others have
>noted). This is the appropriate method, provided as a complete example:
>
><Directory />
>	Options FollowSymLinks
>	AllowOverride None
>	Order deny,allow
>	Deny from all
>	Satisfy all
>	AuthBasicProvider dbm
>	AuthDBMType SDBM
>	AuthName "Protected Area"
>	AuthType Basic
>	AuthDBMUserFile "D:/Program Files/Apache/passwords.dat"
>	require valid-user
></Directory>
>
>Obviously, "AuthBasicProvider" and "AuthDBMType" must reflect the
>correct values for your system (available types for "AuthDBMType" are:
>default|SDBM|GDBM|NDBM|DB). See
>http://httpd.apache.org/docs/2.0/mod/mod_auth_dbm.html and
>http://httpd.apache.org/docs/2.1/mod/mod_auth_basic.html for additional
>information.
>
>The above example functions as expected with Apache 2.2.6 on Windows 7
>x86. "passwords.dat" should be created with something like this:
>
>> D:\Program Files\apache\bin>htdbm -cs "D:\Program
>Files\Apache\passwords.dat" yourname
>
>Note also that, according to the mod_auth_basic manual page (cited
>above), setting "AuthBasicAuthoritative" to "Off" "... should only be
>necessary when combining mod_auth_basic with third-party modules that
>are not configured with the AuthBasicProvider directive."
>
>Thanks to everyone here for the assistance in getting this to work
>properly (under Windows, no less).
>---------------------------------------------------------------
>
>Happy to answer any questions! Good luck!
>
>-Ben

Well,
I cannot easily change the authentication method at all because the
"real" website uses CRYPT passwords and we also have a lot of software
in-house that updates these .htpasswd files with new user logins when
new customers are granted access to the protected parts of the site.
I have no idea how I could generate MD5 passwords in my software so I
am stuck with CRYPT (which I can create).
Note that if this is changed I need to do the same on all of the
protected folders on the real site...

What I wanted to do was use my own Win7 PC with a mirror image of the
website in such a way that I can test all aspects of the PHP scripts
before committing to the real world site.
So the mirror must be working the same way as the real site.

Seems like I must get a Linux box and install Apache there (it is
probably already installed out of the box) and then use that as a test
tool. But then I can't directly test the files as they are edited,
they have to be transferred over to the Linux server first, what a
hassle!
Sigh, have to think of another solution obviously.

-- 
Bo Berglund
Developer in Sweden


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message