CGIAuth problem

New Member Joined: Feb 08, 2005 Posts: 3

Hi all!

Sorry for my bad english...
I have a little problem with the CGIAuth. I build CGIAuth file (.stacces) with Sentinel, in the sentinel admin ABAuthList.
I activate the CGIAuth, open the popup, I write the CORRECT name and pass, but I cant access to my site. The popup is over again and again. But I enter the encrypted password, it's working. What's the problem?
I dont't understand.

Thanks

Posted: Tue Feb 08, 2005 9:45 am

Check the htaccess
AuthUserFile /path/to/your/.staccess
It may not be finding the .staccess file.

Posted: Tue Feb 08, 2005 12:14 pm

sixonetonoffun wrote:

Check the htaccess
AuthUserFile /path/to/your/.staccess
It may not be finding the .staccess file.

I don't know... Embarassed

The Sentinel wrote:

Quote:

Normally: d:\appserv\www\nuke76\tttt\.staccess

In my .htacces:

Quote:

AuthUserFile d:\appserv\www\nuke76\tttt\.staccess

And I create a file width this:

Quote:

<?php

$_cur_dir = getcwd();
echo"My web root dir is: $_cur_dir";

?>

My web root dir is: d:\appserv\www\nuke76\tttt
?
Thanks

Posted: Tue Feb 08, 2005 12:46 pm

Ok there are some good examples of the files needed in this thread:
http://www.ravenphpscripts.com/postt2950.html

Are your following the part that the .staccess is nothing more then a simple .htpasswd file with the username: and the md5 password inside?

Posted: Tue Feb 08, 2005 12:53 pm

One other note* I have not tried with the CGiAuth but I know for the httpAuth that register globals has to be on at least thats been my experience with it.

Posted: Tue Feb 08, 2005 1:17 pm

Try this open a command prompt
Type in:
cd /d d:/appserv/Apache/bin
Hit <Enter>
Then type
htpasswd -b d:/appserv/www/nuke76/tttt/.staccess username password
Hit <Enter>

This will create the .staccess file with the username and password you entered.

Then in your htaccess file make sure your slashes in the path are this / not \

Posted: Tue Feb 08, 2005 1:34 pm

See the trouble is windows. If you use the form Raven created the passwords will never work on windows/Apache so you almost have to use the htpasswd.exe to generate the passwords for use in the password file. If someone knows an easier way I'm game to try it out.

Posted: Tue Feb 08, 2005 6:28 pm

sixonetonoffun wrote:

Ok there are some good examples of the files needed in this thread:
http://www.ravenphpscripts.com/postt2950.html

Are your following the part that the .staccess is nothing more then a simple .htpasswd file with the username: and the md5 password inside?

Hi!

That was the first thing what i doing. Not work.
Next step: I turned on/off the register_globals, nothing.
But this work!!! Laughing

Quote:

htpasswd -b -c d:/appserv/www/nuke76/tttt/.staccess username password

only one change: you see, the -c

(Yust silently: what wrong with the sentinel crypted pass?)
Thank you very mutch.
Thanks. worship

Posted: Tue Feb 08, 2005 8:17 pm

Very good thank you for posting back.
-c makes sense I ran it over the existing file so it printed to it ok the other way for me.

I haven't really looked to see what the difference is but I know even the author of HTAdmin used htpasswd.exe in a variable to create the files on win/apache
$cfghtpasswdEXE = 'C:\Program Files\Apache Group\Apache\bin\htpasswd.exe';

All other Apache systems work fine with crypt()
$salt = random();
$salt = substr($salt, 0, 2);
return crypt($password, $salt);

So I assume it is an issue with the function PHP crypt() on windows systems.