3

httpd.conf

LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so

httpd-vhosts.conf

<VirtualHost *:8080>
        ServerAdmin webmaster@192.168.1.162
        DocumentRoot "/data/www/sites/default/public"
        ServerName 192.168.1.162
        ErrorLog "/data/www/logs/apache/192.168.1.162-error_log"
        CustomLog "/data/www/logs/apache/192.168.1.162-access_log" combined
    <Directory "/data/www/sites/default/public">
        Options -Indexes
        AllowOverride All
        Order allow,deny
        Allow from all
        AuthType Basic
        AuthName "Restricted Resource"
        AuthBasicProvider file
        AuthUserFile /data/svn/htpasswd
        Require valid-user
    </Directory>
    ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/data/www/sites/default/public/$1
</VirtualHost>

I can get the info to input the user and password,but always can not be virified.I am sure the password is correct and the htpassswd file are not in the document root folder.

How can i resolve this problem?

RichieD
  • 160
  • 7
h3110 w0r1d
  • 33
  • 1
  • 1
  • 4

4 Answers4

3

It sounds like you might have Apache httpd 2.4.4 installed, which suffers from a known bug in the htpasswd utility... If so, take a look at this response to a similar question. The first work-around is the same as Noora's -- i.e. that command-line password specification works -- but others listed there might be more appropriate to your situation. The issue and workarounds apply to both .conf-file and .htaccess configurations.

I would only add that you needn't edit your passwd-file by hand, as the -n option implies. Using -b should suffice, e.g. htpasswd -b HTUSERS username password. If your passwd-file is FUBAR, you might just start over by adding the -c option -- truncating the file -- when you add the first user.

Good luck!

Community
  • 1
  • 1
RichieD
  • 160
  • 7
1

Are you sure your Apache user (www-data?) can access the user file? Also, you can drop the AuthBasicProvider line.

untitled8468927
  • 676
  • 4
  • 13
  • yes.apache user can access this file.It also does not work after i remove the provider line.I asked my friends to install apache 2.4, they also have this problem – h3110 w0r1d Apr 19 '13 at 09:35
  • What does your apache log say? The log files should provide some kind of insight into the problem, because I can't find a fault in the configuration itself. – untitled8468927 Apr 19 '13 at 09:44
  • apache error log says 'Password Mismatch'. but i am sure my password is correct.i use the default option to run htpasswd tool to generate this file – h3110 w0r1d Apr 19 '13 at 09:50
  • 1
    Are you sure the parameters are correct? Just to make sure, try `htpasswd -nb hello world` and write the output to the file yourself, then auth with hello & world.. I always do it this way to be sure I'm getting the right thing. – untitled8468927 Apr 19 '13 at 12:25
  • thank,it works.but why 'htpasswd file username' command write the wrong data in the file? – h3110 w0r1d Apr 22 '13 at 02:48
  • I don't know, but my guess is that you had something bad in the password string you gave it, like if you copy/paste a password and an extra space might sneak its way in. That's why I prefer not setting passwords interactively - although when you set a password from the command line, remember that it might be saved in the command history and erase it accordingly, or make sure the history file is secure. – untitled8468927 Apr 23 '13 at 13:45
0

I know I'm a little late to the party, but Apache 2.4 is still what I am using. And it's still got this issue, apparently.

I finally logged in successfully (because I knew my syntax and login was down to a t, it couldn't be that). I simply used a plain password instead of a hash, which is NOT a solution, but it shows that the problem is from using a password hash -- apparently Apache doesn't interpret it correctly.

JobMcKee
  • 1
0

In my case, the problem was due to a conflict with an unused but loaded mod-shib2 module. List your loaded modules with:

apache2ctl -M

and if present unload it with:

a2dismod shib2
systemctl restart apache2

this fixed basic authentication.

This is related to the bug https://bugs.launchpad.net/ubuntu/+source/shibboleth-sp2/+bug/1358284

Ortomala Lokni
  • 56,620
  • 24
  • 188
  • 240