RE: [users@httpd] DBD Authentication using MySQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Nick Kew <mailto:nick@xxxxxxxxxxxx> wrote:
> On Saturday 12 August 2006 09:43, Rob Sterenborg wrote:
> 
>> But, I'm starting to feel stupid now and here's why.
>> When I point the browser to the url I'm prompted for my user/pass.
>> When I enter that information, there's no telling what Apache will
>> do: it may authenticate, but also it may not. If it authenticates
>> me, it will try to re-authenticate when I press the Refresh button
>> often enough (in both IE and FF). Also, when listing directories, I
>> don't see the full listing.
> 
> Random-looking behaviour is _probably_ due to browser cache.

In this case it apparently wasn't.

>> [Fri Aug 11 18:50:31 2006] [error] [client 10.0.1.1] user <me>:
>> authentication failure for "/mp3/S/index.php": Password Mismatch
> 
> That looks clear enough.  You are a valid user, but your
> encrypted password in the database doesn't match what your browser
> sent. 

I didn't have encrypted passwords because this was only testing and I
wanted to be able to check everything. I used "select encrypt(password)
from ..." which is something I found in a post, don't remember where.

> The easiest way to populate the database is probably to
> create individual entries using htpasswd or htdigest
> (depending on what method you use) and importing the values
> to your SQL.  And beware of charset issues if you have
> anything that's not ASCII-compatible.

This was a test where I used plaintext data (for passwd too) but it got
the UTF-8 charset setting when I didn't pay attention.. I changed all
fields into ASCII.
However this doesn't solve the problem.

I created a new field where I store the encrypted version of the
plaintext passwords: now it works..!

Thanks alot for the module and your patience!


Grts,
Rob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux