.htpasswd

I am trying to get basic authentication working with nginx in Ubuntu Jaunty. In nginx.conf, I added these two lines under the server context: server { ... auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/.htpasswd; ... } Then I apt-get'ed apache2-utils to get htpasswd, which I used to create the htpasswd file: htpasswd -d -c /etc/nginx/.htpasswd joe When I try to access the site, the authentication dialog comes up as expected, but when I put in the username and password, it just refreshed the dialog box. It doesn't seem to like the password I am providing it. I tried running

In a previous question, I was trying to password protect my /admin/ and sub-folders directory using Nginx with .htpasswd and regex. That was done successfully, but now, after password authentication was completed, Nginx prompts to "download" php files, rather than simply loading them. This doesn't happen when the new location "authentication" block is commented out. For instance, in this code sample, PHP pages load without any issue: location / { try_files $uri $uri/ =404; } #location "~^/admin/.*$" { # try_files $uri $uri/ =404; # auth_basic "Restricted"; # auth_basic_user_file /etc/nginx/

i use "Force MD5 encryption of the password" in htpasswd to generate a hash for instance '123' i get: use htpasswd: 123 => $apr1$kaTbKaLO$ewJXRZAKpjaxK4thy2jOp/ use MD5 digest: 123 => 202cb962ac59075b964b07152d234b70 please tell me how can i generate a hash like the apache htpasswd using java Thanks. Josh Passwords in Apache .htpasswd files are encoded using a salt . If you want to generate these passwords using Java you'll need to do the same. This site has an explanation of the salt/hashing algorithm used for Apache's .htpasswd files; I am looking for an actual algorithm you could use and

On DreamHost shared hosting, I'm setting up htpasswd, but Apache does not have permission to read the file. How do I give it permission? I want to either change the owner or group of the .htpasswd file instead of giving it insecure permissions. I don't think I have access to the httpd.conf file, so I can't use this method to find what user Apache runs as . Also, running top or ps aux only shows the processes I'm running but doesn't show the apache process. Based on the output from cat /etc/passwd and cat /etc/group , I'm guessing it's www-data . Well, I followed the instructions for Password

How can I password protect my website during development with htaccess in Cakephp? which htaccess file do I have to change? what do I have to write in the htaccess where do I put the .htpasswd? I searched google for that but couldn't find anything useful, I hope you could help me! Thanks Till that helped me solve the problem! For CakePHP-Users: - Modify the .htaccess in /app/webroot/ - add something like that at the beginning of the .htaccess-file: AuthName "Restricted Area" AuthType Basic AuthUserFile /complete/path/to/.htpasswd AuthGroupFile /dev/null require valid-user Now create the

I want to create a log in system using htaccess and htpasswd file and PHP for the server-side code, but when the user logs in I want to be able to identify that user, so how can I know what the user typed in as their username using PHP code (I assume I won't need to know the password if they've managed to access the restricted page)? Many thanks, Ben You just need the following to get the username that is currently in use for an authenticated session: $_SERVER['PHP_AUTH_USER'] rev1 In light of @Ben's comment I've now found the section in the PHP documentation at HTTP authentication with PHP

I was wondering if it was possible to setup a conditional http basic auth requirement based on the virtual host URL in an .htaccess file. For example what I want to do is have mysite.com and test.mysite.com run off the same code base in the same directory but password protect test.mysite.com. It would be setup this way so that I wouldn't need to branch my code since my app code can see which vhost/url it's being served from and pick the database to serve content from. You can sort of kludge this by using mod_setenvif along with the mod_auth modules. Use the SetEnvIfNoCase directive to set

Possible Duplicate: HTTP authentication logout via PHP Hi I have a some functionality on my website protected using .htaccess and .htpasswd . When users attempt to access this, they get prompt to enter details. They enter their details and get in and can see stuff etc. All works fine. My question is how do I create a logout functionality for this type of authentication. I know that they can close the browser window to "Logout". But this is not ideal. What would you suggest to me? Thanks. Ludwig Weinzierl Browsers usually don't support this, see How do I log out? Since browsers first started