On 4/30/2013 9:06 AM, Bo Berglund wrote: > I have a local Apache 2.2 server on my development PC. It is running > on Windows7X64. > Some of our folders are protected and we use .htpasswd files to > authenticate the users with CRYPT-ed passwords. > THe whole website is version controlled in CVS and I work on a checked > out copy of the website. > > Now I need to develop some PHP scripts and these need to know which > user is logged on so for debugging I must get the authentication > going. > But so far I have been out of luck using the file with CRYPT:ed > passwords. > > I discovered: > If I use the htpasswd command to create a password on the Win7 box it > seems to totally disregard the command line switch to make a CRYPT > password, instead it always forces use of MD5. > > On the real server (at Network Solutions) the normal .htpasswd file > works just fine. > > How can I make Apache2.2 on Win7X64 use the existing passwords so I > can continue developing the PHP scripts? > > Hi, Bo, While I can't identify the cause of your issue readily, I can suggest a fine alternative: use database authentication instead. Here's an excerpt from a blog comment that I wrote some time ago; it should steer you in the right direction if you are open to my suggestion. From: http://www.pitr.net/index.php/2007/08/08/internal-error-pcfg_openfile-called-with-null-filename/ --------------------------------------------------------------- [...] Windows users do not have the ability to specify "AuthUserFile /dev/null". Furthermore, that is an undesirable solution (as others have noted). This is the appropriate method, provided as a complete example: <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all Satisfy all AuthBasicProvider dbm AuthDBMType SDBM AuthName "Protected Area" AuthType Basic AuthDBMUserFile "D:/Program Files/Apache/passwords.dat" require valid-user </Directory> Obviously, "AuthBasicProvider" and "AuthDBMType" must reflect the correct values for your system (available types for "AuthDBMType" are: default|SDBM|GDBM|NDBM|DB). See http://httpd.apache.org/docs/2.0/mod/mod_auth_dbm.html and http://httpd.apache.org/docs/2.1/mod/mod_auth_basic.html for additional information. The above example functions as expected with Apache 2.2.6 on Windows 7 x86. "passwords.dat" should be created with something like this: > D:\Program Files\apache\bin>htdbm -cs "D:\Program Files\Apache\passwords.dat" yourname Note also that, according to the mod_auth_basic manual page (cited above), setting "AuthBasicAuthoritative" to "Off" "... should only be necessary when combining mod_auth_basic with third-party modules that are not configured with the AuthBasicProvider directive." Thanks to everyone here for the assistance in getting this to work properly (under Windows, no less). --------------------------------------------------------------- Happy to answer any questions! Good luck! -Ben --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|