HCSuperStores Posted July 12, 2004 Posted July 12, 2004 On my machine I have a web server running (Apache/Linux) but I'm having a weird issue with getting an ID and password working via .htaccess. Here's my latest try of the two files: .htaccess file >Options All -Indexes AuthType Basic AuthName "ID and Password required." AuthUserFile "/home/bhermonat/.htpasswds" require user testme ... and the password file ... >testme:f9Ef3llg.gkm6 I do see a password screen, but the ID and password I supplied don't work. It's like I'm typing something in wrong. It just comes back with the same password screeen no matter what I type. I've tried several different ID and password files, recreating the files several times. Nada. One thing I noticed is that, as root, I can simply use the "htpasswd" command all by itself to create the password file. I thought the root access might be throwing things off so I created it with the user account too, but couldn't just type "htpasswd ..." it had to be "/usr/sbiin/./htpasswd". Is that strange? If there's some part of the picture I'm missing here let me know. Thanks! Quote
borfast Posted July 12, 2004 Posted July 12, 2004 HC, it's not strange that you couldn't use htpasswd with your regular user. It's because the path "/usr/sbin" is not in your user's PATH but it's part of the root user's PATH environment variable. So while your regular user must type the whole "/usr/sbin/htpasswd" path to execute the program, the root user only needs to execute "htpasswd" because the system knows where to look for it. Now about the htpasswd problem, have you checked the permissions of the generated .htpasswd file? I never worked with htpasswd directly but it's the first thing that comes to my mind. Quote
HCSuperStores Posted July 12, 2004 Author Posted July 12, 2004 I've tried 755 and 777 on the .htpasswd file with no change. Hmmmmm ... I've been accessing my machine through http://localhost/ ... could that hamper the operation of the password requirement? I've tried to use the external IP address, but it doesn't seem to work. I have a particular port that should route to my machine and with or without the port doesn't seem to work. I'll check my router settings again just to be sure it's going where it should. Any other ideas you have ... please let me know!!! Thanks! Quote
HCSuperStores Posted July 12, 2004 Author Posted July 12, 2004 Hmmmmmmmmmm ... I found that in resetting my router recently I grabbed a different internal IP number, so I corrected that and now my sites are available to the web at large. But the .htaccess still rejectes ever ID password combination that I try. Still stuck ... Quote
borfast Posted July 12, 2004 Posted July 12, 2004 (edited) HC, I tried setting up a password protected directory on my local machine but I was not successful, either. I opened a .htaccess file from a password protected directory I have in my personal account on TCH. The file contents are 99% equal to what I had created, except for the path to the password file. I don't know why it doesn't work. Perhaps it has something to do with Apache's default weird configuration (I'm using the stock Fedora / Red Hat Apache package... ). I'll investigate more when I have the time and let you know what I find out. Edited July 13, 2004 by TCH-Raul Quote
HCSuperStores Posted July 12, 2004 Author Posted July 12, 2004 Thanks Raul. I'm going in the same direction of examining Mandrake's default configuration too. I would think that it would be an "all or nothing" if it was a setting issue. The fact that I get prompted for an ID and password, but none of them work, still puzzles me. Thanks for your efforts. I hope we both learn something from this. Quote
borfast Posted July 12, 2004 Posted July 12, 2004 Well, a quick search on Google came up with this little tutorial: http://www.colostate.edu/~ric/htpass.html As you can see, it adds very little to what we already have. I took a peek at httpd.conf (Apache's configuration file - if you want to look at it, it should be in somewhere inside "/etc/httpd/conf/" or maybe just "/etc/" ) and I found that the "AllowOverride" directive was set to "None". I changed it temporarily to "All" and when I tried to access the protected directory again, it asked me for a username and password! But when I tried the user/pass combination I had just created, my went It doesn't work. It keeps asking for the username and password, like you described in your first post But I'm not giving up just yet. Apache is not more stubborn than me Quote
borfast Posted July 12, 2004 Posted July 12, 2004 By the way, this is what my .htaccess file looks right now: >AuthUserFile /home/borfast/htpass/.htpasswd AuthGroupFile /dev/null AuthName "Just Something" AuthType Basic <Limit GET POST> require valid-user </Limit> Quote
HCSuperStores Posted July 12, 2004 Author Posted July 12, 2004 I'm feeling a little silly, but I found the answer. I went down the same road as you ... I found the AllowOverride directive and changed it the same way you did. Still nothing. Then I did a logical thing, based on what I found in a google searched ... I checked my Apache error logs. I found this: >(2)No such file or directory: Could not open password file: /home/bhermonat/.htpasswds Sure enough ... if I looked close enough, one file I created was ".htpasswd" and the other ".htpasswds". I changed them to match and wouldn't you know that it worked! However, you're still stuck. Check the error log ... what does it say? Quote
HCSuperStores Posted July 12, 2004 Author Posted July 12, 2004 My two files look like this now: .htaccess >Options All -Indexes AuthType Basic AuthName "ID and Password required." AuthUserFile /home/bhermonat/.htpasswd Require valid-user .htpasswd >test123:KLXIEaYC9D/Pc Does that help? Quote
borfast Posted July 12, 2004 Posted July 12, 2004 Well, my log files say that it's a permissions problem... >Permission denied: Could not open password file: /home/borfast/htpass/.htpasswd but I don't get it... I've gone as far as making both .htaccess and .htpasswd and it still doesn't open the darn thing!! Quote
borfast Posted July 13, 2004 Posted July 13, 2004 Well, I got it to work, too. Strangely, I moved the .htpasswd file out of my home directory, into "/var/www/html/protected", the same directory as the .htaccess file, and it worked. I also tried moving the .htpasswd into "/var/www/htpasses" and it also worked. I'm not sure why Apache wouldn't read the password file from my home folder... perhaps it has something to do with something I saw in the httpd.conf file, a directive configuring Apache to not allow home folders to be used for home pages, or something like that... Anyway, it's working Thanks for the challenge, HC. It's always good to learn something new Quote
HCSuperStores Posted July 13, 2004 Author Posted July 13, 2004 FYI ... I have my .htpasswd file as 777, created by the user (bhermonat) not root. My .htaccess file I believe is 644, also created by user bhermonat. Did you use root or a user to create your files? Quote
borfast Posted July 13, 2004 Posted July 13, 2004 No, I didn't create the files while using root, I created all my files with my regular user and chgrped/chmoded them as needed. Quote
HCSuperStores Posted July 13, 2004 Author Posted July 13, 2004 Sorry about that ... looks like we cross-posted!!! That is weird about the directory thing that you ran in to. I did not change any defaults on the Apache 2 server that I'm running and yet the home (/home/bhermonat/) directory worked. Well we both got ours to work. I just wish I hadn't spent so much time on the "s" in .htpasswds ... silly me! However, I think the information gained (permissions and AllowOverride) were all part of the solution. That's my exuse for today's learning experience! I thank you (again) for your continued help!!! Take care my friend! Bill :Nerd: Quote
borfast Posted July 13, 2004 Posted July 13, 2004 (edited) No problem! And I also thank you, as I said it's always good to learn something new /me types "apache survival guide" on Amazon.com's search box... Edited July 13, 2004 by TCH-Raul Quote
didak Posted November 9, 2004 Posted November 9, 2004 I know I'm super late to this discussion, but I'm starting from scratch and want to go and edit httpd.conf file. I didn't find it in the /etc folder, and can't find it elsewhere. Help? Dida Quote
TCH-Bruce Posted November 9, 2004 Posted November 9, 2004 You should be able to find it's location using the following. Login as root and from the root folder enter the following command. find . -name httpd.conf -print It will find all occurrences of the file. Quote
didak Posted November 10, 2004 Posted November 10, 2004 Thanks- except that i just read in another thread that we (TCH customers) are not allowed to edit that file. Can we ask you guys to do it? Also, i thought we didn't have shell access either? (or as rhat my last host?) TIA- Dida Quote
LisaJill Posted November 10, 2004 Posted November 10, 2004 You don't, all of these instructions are for doing things on people's home computers - as per the subject: .htaccess problems for the server on my computer. =) Quote
didak Posted November 10, 2004 Posted November 10, 2004 Gotcha- I was probaly skimming post too quickly. I need to prevent folks from seeing our assets server 77 side, so I assume i use the .htaccess method An engineer buddy had suggested i edit the httpd.conf file, but obviously I can't do that Thanks again Lisa! Dida Quote
didak Posted November 10, 2004 Posted November 10, 2004 doh!- post starts out with "on my machine . . ." I've gotta slow down Quote
TCH-Bruce Posted November 10, 2004 Posted November 10, 2004 doh!- post starts out with "on my machine . . ." I've gotta slow down No problem, just answered the question you asked. I assumed you meant on your own computer. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.