logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Directory password protection: what's going wrong?
Author
jhsachs



Joined: 03 Aug 2010
Posts: 8
Location: Northern California

PostPosted: Thu 24 Apr '14 18:58    Post subject: Directory password protection: what's going wrong? Reply with quote

I'm trying to set up password protection on an Apache HTTP server, and it's not working. I hope someone can help me figure out what's gone wrong.

First, the environment: Apache 2.4.4 installed with XAMPP Control Panel 3.2.1 under Windows 7 Professional.

http.config says "AllowOverride All."

The .htaccess file in the protected directory says:

Code:
AuthName    "Sample documents"
AuthType    Basic
AuthUserFile "D:/htdocs/subsidy/.htpasswd"
require     valid-user

(Note: this is a test on a private server. On a "real" server I would never put the password file in the document space!)

I made subsidy the current directory and entered the command:

Code:
htpasswd -c .htpasswd samples

htpasswd prompted me for the password twice, and I entered it twice. When it quit I had a file named .htpasswd in the subsidy directory. I typed it and its contents looked correct according to the examples I've seen.

Then I restarted Apache and tried to load a page from the directory. The browser simply prompted me for the username and password over and over.

The Apache error log says, "AH01617: user samples: authentication failure for "/subsidy/filename.html": Password Mismatch."

I deleted the .htpasswd file and ran htpasswd again, specifying a different (very simple) password. I also confirmed that caps lock was not on both before and after. I restarted the server, tried to load a page, and got the same problem.

Apache seems to think I'm entering the wrong password, but that seems impossible when I've just defined it myself -- and I've tried twice, intentionally choosing a very simple password the second time. If the message means what it says, the cause must be something very different from the obvious one. Any suggestions on what could be happening?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Tue 29 Apr '14 15:40    Post subject: Reply with quote

on Windows you need to create your password with MD5 or plain.

Code:
htpasswd -nbm myName myPassword > D:/htdocs/subsidy/.htpasswd
Back to top


Reply to topic   Topic: Directory password protection: what's going wrong? View previous topic :: View next topic
Post new topic   Forum Index -> Apache