>My problem: I'm running Apache 1.0 (on a Linux box with kernel 1.2.13)
>and I want to do user authentication for one directory. I consulted
>the apache server documentation, which I found not extremely helpful.
>So I studied the tutorial for NCSA. It all seems not very difficult -
>it just doesn't work with my setup. I always get a 'User authentication
>failed' message (I created several users with htpasswd and I'm SURE
>that I didn't forget ALL the passwords...).
Did you put all the authetication stuff in your access.conf file?
If so, did you stop the web server and restart it (so it would load the
new authentication software)?
Did you put it in a .htaccess file in the directory? If so, did you
configure that directory in access.conf to allow authentication
overrides?
Did you use the DBM utilities or the flat-file password file? Did you
use the correct Auth... keywords when defining the authentication in
your .htaccess or access.conf file (i.e. use the dbmmange program with
Auth...DBM, or htpasswd with Auth..., and not vice-versa)?
Quote:>Somebody mentioned that the password encryption of htpasswd was identical
>with the stystem's password encryption (in /etc/passwd). But when I
>compared a system and htpasswd user with the same password the encryption
>was different.
That was probably a difference in the ``salt'' used. (A two-byte
quantity called ``salt'' is added to the crypt() function when a
password is encrypted so that if two users have the same password on the
same system, they must also have the exact same salt to have the same
encrypted password string.
Quote:>Does user authentication in Apache really work the same way as in NCSA?
>HOW DOES IT WORK? Any helpful suggestions will be highly appreciated!
Dave
--
David D. Kilzer \ ``I do not fear computers.
Computer Engineer 5 \
Iowa State University, Ames / -- Isaac Asimov
by