Support

dlhhyct · #1 10-04-2006, 08:09 PM

when enabled htaccess in one html page vhost, browser fails to authenticate and continue to prompt for password.

Code:

AuthType Basic
AuthName "secret"
AuthUserFile /data/apps/maint/.htpasswd
Require user admin

passwd file created by "htpasswd2 -c .htpasswd admin"
error log: [127.0.0.1:42960-0#maint] Authentication failed with user: 'admin'.
lsws: std 2.2.2 upgraded from previous version.

I remember htaccess on previous lsws worked, forgot which version.

mistwang · #2 10-04-2006, 08:44 PM

It works, maybe the password is encrypted in MD5 format, LSWS works with password created with crypt().

dlhhyct · #3 10-04-2006, 09:53 PM

i first generate password using "htpasswd2 .htpasswd admin", enter actual password "password", and generated .htpasswd file contains "admin:PlGpWI7RquZKQ"

then I use perl to generate again, result from perl matches .htpasswd, so password is ok.

Code:

#!/usr/bin/perl
$val = crypt("password", "Pl");
print "result: $val\n";

and I blasted away old lsws, did a fresh install of std 2.2.2, still can't login.

mistwang · #4 10-05-2006, 06:53 AM

Please double check your file path and permission. the user that lshttpd run as should be able to read that file.

dlhhyct · #5 10-05-2006, 07:17 AM

i think my path and permission are correct:

PHP Code:


			


ws maint # pwd

/data/apps/maint

ws maint # 

ws maint # ls -al

total 16

drwxr-xr-x 2 dchen  users  168 2006-10-05 10:11 .

drwxr-xr-x 6 dchen  users  152 2006-10-04 22:04 ..

-rwxr-xr-x 1 dchen  users   72 2006-10-05 00:38 gen.pl

-rw-r--r-- 1 nobody nobody  92 2006-10-05 10:01 .htaccess

-rw-r--r-- 1 nobody nobody  20 2006-10-05 09:58 .htpasswd

-rw-r--r-- 1 dchen  users   12 2006-10-04 22:04 index.html

ws maint # 

ws maint # cat .htaccess 

AuthType Basic

AuthName "secret"

AuthUserFile /data/apps/maint/.htpasswd

Require user admin

ws maint # 

ws maint # cat .htpasswd 

admin:vEuwSmbabnxKM

mistwang · #6 10-05-2006, 08:27 AM

Can you please try it with LiteSpeed's realm configuration, see if the password file works or not.

dlhhyct · #7 10-05-2006, 09:04 AM

i setup realm1, setup static context "/r1" -> $VH_ROOT using realm1, browser pops up login box for realm1, and it works.

so should i use realm instead of htaccess for such? what's the difference of 2?

what I try to do is for ruby on rails app, I deploys same code to 2 vhosts. 1st vhost for public users with "/admin" disabled, and 2nd admin vhost with htaccess.

mistwang · #8 10-05-2006, 01:15 PM

This two should have the same result, but I am not sure why htacess does not work well on your case.

If you can avoid using .htaccess, you should avoid it.