CGIAuth system

Regular Joined: Oct 15, 2007 Posts: 87

Okay, I have done a search and didn't find my answer. My question is, I am setting up the CGIAuth system right now and I chmod the .ftaccess and the .htaccess to 666. I renamed the files that were in the download. Well, in the Admin Auth List I set my name and password. I did check the .staccess file to see if it wrote anything to it, and it did.

example of whats in side:
name:$1$F.YbuMNey$YzIWnkn3POrAEDz8SYHNc. <-- example

I figured thats the login in name and the stuff after the : the password encripted.

well when I go to rename the sample.htaccess to .htaccess and go back to my server that I am already logged in to and prviously on the sentinal module,(just was minimized). It aske me to authenticate by using the admin name and pass. so I enter in the name and pass that supposed to be registered and nothing happens, just opens up again asking for the info. what am I doing wrong?

registered · Posted: Thu Oct 18, 2007 6:08 am

Two things to check:

1. You should be using the admin auth password and not your admin login password. That can sometimes trip people up.

2. The path that is in the .htaccess to the .staccess file must be absolute and valid.

Either one of these is usually what trips people up.

Posted: Thu Oct 18, 2007 6:53 am

well, if it wrote, wouldn't that just go to say that the paths are correct. Also I was using the admin auth password. hrm...

Posted: Thu Oct 18, 2007 6:55 am

What PC operating system and browser are you using?

Posted: Thu Oct 18, 2007 6:57 am

Windows XP, and browser I use is FireFox.

Posted: Thu Oct 18, 2007 7:15 am

Okay, I just asked because I've seen problems with Apples and whatever browsers it uses. I've never been able to track it down and I can't even confirm whether maybe the admins were doing something wrong. But that's not your problem.

It's hard to diagnose your situation "remotely". I do know personally that I've had to go thru the CGIauth process a couple of times in some setups and basically print out the instructions and go thru them one by one with a checklist doing them in the order they are printed to get them to work. The instructions are somewhat "counter-intuitive" but they need to be followed exactly. Sorry to not be of much more help than that.

Posted: Thu Oct 18, 2007 7:41 am

fkelly wrote:

Okay, I just asked because I've seen problems with Apples and whatever browsers it uses. I've never been able to track it down and I can't even confirm whether maybe the admins were doing something wrong. But that's not your problem.

It's hard to diagnose your situation "remotely". I do know personally that I've had to go through the CGIauth process a couple of times in some setups and basically print out the instructions and go through them one by one with a checklist doing them in the order they are printed to get them to work. The instructions are somewhat "counter-intuitive" but they need to be followed exactly. Sorry to not be of much more help than that.

Okay, you lost me now. Which isn't a hard thing to do. Shocked

but, the only instructions I have is as follows,

Quote:

sample.htaccess, sample.htaccess, and sample.staccess are samples of the CGIAuth system.
In the sample.htaccess file you will see a sample of the code needed to use CGIAuth and
the sample.staccess, while empty, if renamed to .staccess, uploaded to your server then
chmoded to 666 will store the CGIAuth AID's and Passwords. ONLY ADD the CGIAuth sample
.htaccess code after setting up the rest of NukeSentinel(tm), otherwise you will be
locked out of your sites admin section. The sample.ftaccess when renamed as .ftaccess,
uploaded to your server and CHMODed to 666 will allow the flood protection to track
possible flood attacks.

Only on Apache servers -------------> root/.ftaccess (CHMOD 666)
This file should be empty to begin.
Only on Apache servers -------------> root/.htaccess (CHMOD 666)
Be sure your .htaccess file
has at least one blank line at
the end of it.
Only on Apache servers -------------> root/.staccess (CHMOD 666)
This file should be empty to begin.

Which is what came in the download. Also like to point out that there is a typo, Very first line, sample.htaccess was repeated twice, I know it was supposed to be sample.ftaccess .

But as for the CGIAuth. If it's writing to the /.staccess files and what not, that would say that it is writing, I know the address to the .htaccess is correct cause there all at the same level. I CHMOD it to 666 like it says above. I did go in the ACP, and found my name in the admin section, created a login name and password, then I also selected "Is Protected" under the the password where it ask, Protected:.

Then I click save changes and I get an email shortly saying that its been changed, then it redirects me back where I see the list of my admins and my self and it says something like this.

Admin: Ex@Mp13 Auth Login: Ex@Mp13 Auth Password: Set Protected: Yes

once I got there and had that saying that, thats where I went and deleated the word "sample" from the .htaccess so it would work and thats where I am at now. i put it back saying sample.htaccess so I can work on my site, but is there anything I am missing or did wrong, cause the instructions for it in the README really weren't clear on anything.

Posted: Thu Oct 18, 2007 8:37 am

Ah I think I see what may have happened.
Sentinel wrote correctly to .htaccess file but when you renamed the 'sample.htacess' to '.htaccess'' it may have over written the htaccess file that already had the correct user/pass combination in it.
At least that is what I think based on your last post because you say you checked the htaccess file then renamed sample.htaccess to .htaccess which would have over written it..

Posted: Thu Oct 18, 2007 8:50 am

okay, I just looked. my server must have made a .htaccess files cause I deleted the original one I had which was blank. I chmod that file to 666, and when back to the Admin section and clicked on my info and click save and it didnt write anything to the .htaccess file. Nothing is being writtin to it.

Edit:

I tried my test admin guy and its writing to the .staccess file, but nothing to the .ftaccess file. Is something supposed to get writtin to the .ftaccess file?

Posted: Thu Oct 18, 2007 10:05 am

If I remember correctly, ftaccess is used only for flood blocking

Posted: Thu Oct 18, 2007 10:09 am

oups, in my edit I wrote .ftaccess, I meant the .htaccess

See, its writing the names and passwords to the .staccess file but nothing to the .htaccess file. Is something supposed to be written to the .htaccess file?

if so then I wounder why its not. If not and then I wounder why when I add this code to the .htaccess file, it just doesent want to work.

Posted: Thu Oct 18, 2007 10:19 am

meh, I am an idiot.

Usally with me its the most obvious things that cause all the problems.

One thing I like to note is if anyone talks to the creator of sentinel, ask him to improve the read me, especially this portion. should note that you have to edit the .htaccess file to include the path to your .staccess file. in the read me it just says to configure the admin section in the ACP, then chmod the files and upload them, after looking over the .htaccess file again, the contents, I noticed I had to add the path to the .staccess file.

Well thanks for the quick responses, well goes to show that there are still a few sites that have people willing to help.

registered · Posted: Thu Oct 18, 2007 10:48 am

Doesn't sentinel show you exactly what you are supposed to put into your .htaccess file? It's been so long since I used it to setup CGIAuth. I seem to recall me typing in the info and it spitting out exactly what to put into the .htacess file, including the complete path to .staccess. But maybe I am not remembering correctly.

Posted: Thu Oct 18, 2007 11:16 am

The only instructions on this part was as follows.

Quote:

sample.htaccess, sample.htaccess, and sample.staccess are samples of the CGIAuth system.
In the sample.htaccess file you will see a sample of the code needed to use CGIAuth and
the sample.staccess, while empty, if renamed to .staccess, uploaded to your server then
chmoded to 666 will store the CGIAuth AID's and Passwords. ONLY ADD the CGIAuth sample
.htaccess code after setting up the rest of NukeSentinel(tm), otherwise you will be
locked out of your sites admin section. The sample.ftaccess when renamed as .ftaccess,
uploaded to your server and CHMODed to 666 will allow the flood protection to track
possible flood attacks.

Only on Apache servers -------------> root/.ftaccess (CHMOD 666)
This file should be empty to begin.
Only on Apache servers -------------> root/.htaccess (CHMOD 666)
Be sure your .htaccess file
has at least one blank line at
the end of it.
Only on Apache servers -------------> root/.staccess (CHMOD 666)
This file should be empty to begin.

That is a direct copy of the instructions. I personally found it rather difficult to follow and in no where did it say that you need to edit the .htaccess file doesent really say anything other then it contains a sample code.

But it really doesent go into any type of details to hwo your supposed to set it up, and I rember reading at least 2 other threads that had simmular problems which were never resolved. I am woundering if they were the same reason.

Posted: Thu Oct 18, 2007 11:29 am

Okay, I just looked. In the main Sentinel page, scroll down to Administrative Settings. There is a drop down for Admin Auth. Pick Admin CGIAuth. Then, there is a link in the staccess Path: box called CGIAuth Setup. If you click that after you have filled out the htaccess and staccess path boxes it displays what you should put in your .htacess file.

Posted: Thu Oct 18, 2007 11:35 am

That feature didn't used to be there, BTW. I believe Bob added it to help people out because setting it up can be confusing if you are not familiar with Apache.

Posted: Thu Oct 18, 2007 11:35 am

I see it now, I really have to say that I did over look that cause I was paying more attention to the readme.

Posted: Thu Oct 18, 2007 12:03 pm

It is easy to overlook. It's a pretty complicated piece of software to say the least.... Smile

Posted: Thu Oct 18, 2007 12:43 pm

I been around phpBB for a few years now helping out on a few mods, I guess I am just a little rusty. Been working on graphics and beta testing Quake wars for the last 8+ months, and since the game is released, I am slowly getting back into working with php and what not. meh....

Posted: Thu Oct 18, 2007 3:37 pm

Sorry for my delay in getting back to this. I haven't looked in the readme files recently but there is a good source of documentation in the:

HowToInstall/index.php

file in your distribution. From that pick the Configuration/nukesentinel option and you will see the step by step for installing cgiauth. That is the particular documentation I was referring to where you have to follow it step by step, very carefully, even if it seems a little counterintuitive. There are some places where you have to "double back" on your steps, or it seems that way, but unless you do it exactly it won't work.

Posted: Thu Oct 18, 2007 3:43 pm

It works fine now. Since I found my error a few hours ago.