Setting up HTTP Basic Authorisation

T Gillett tgillett1 at powerup.com.au
Wed Dec 6 15:12:16 MSK 2006 

Igor Sysoev <is at ...> writes:

> 
> On Wed, 6 Dec 2006, T Gillett wrote:
> 
> > I am trying to set up HTTP Basic Authentication for nginx on my NSLU2 running
> > Unslung 6.8.
> >
> > To test I have added the auth-basic lines to the nginx.conf file to control
> > access to php files as follows:
> >
> > #proxy php-fcgi
> >        location ~ \.php$ {
> >            fastcgi_pass   127.0.0.1:9009;
> >            fastcgi_index  index.php;
> >            fastcgi_param  SCRIPT_FILENAME 
/opt/share/www/php/$fastcgi_script_name;
> >            fastcgi_param  QUERY_STRING     $query_string;
> >            fastcgi_param  REQUEST_METHOD   $request_method;
> >            fastcgi_param  CONTENT_TYPE     $content_type;
> >            fastcgi_param  CONTENT_LENGTH   $content_length;
> > 	     auth_basic "Restricted";
> >            auth_basic_user_file conf/htpasswd;
> >
> > With the auth-basic lines commented out, I can access the php pages OK.
> > With the lines in place, I get the login dialog box as expected, but when I
> > login, all that happens is that the login box is refreshed.
> >
> > Two entries are created in the host.access.log showing the attempted access.
> > There is no entry in the error.log
> >
> > I think I am just missing some basic step in setting this up.
> >
> > Is the htpassword file correct?
> > Is the encryption of the password correct?
> 
> What does
> perl -le 'print crypt("test", "cg")'
> show ?
> 
> > Any suggestions / help appreciated
> 
> > ************************************************
> > The htpassword file for the user account ЪЪtestЪЪ is as follows:
> > 	test:cgsk91HyOZHGE
> > (the password is ЪЪtestЪЪ)
> >
> > The entries in the host.access.log is as follows:
> >
> > 192.168.1.25 - - [06/Dec/2006:20:27:32 +1000] GET /hello.php HTTP/1.1
> > Status"401" Bytes195 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
> > rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8" "-"
> >
> > 192.168.1.25 - test [06/Dec/2006:20:27:40 +1000] GET /hello.php HTTP/1.1
> > Status"401" Bytes195 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
> > rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8" "-"
> 
> Could you make a debug log ?
> 
> Igor Sysoev
> http://sysoev.ru/en/
> 
> 


Hi Igor
Thanks for the response.

Running the perl crypt gives:
# perl -le 'print crypt("test", "cg")'
cgsk91HyOZHGE


This is the way I have set up the error logging. 
Is this correct for debug log as you have asked?

   server {
        listen       7007;
        server_name  localhost;

        access_log  /var/tmp/host.access.log main;
        error_log /var/tmp/error.log debug;

        location / {
            root   html;
            index  index.html index.htm;
	
        }

The error log shows entries for example for a request for a non-existent page as
below:

2006/12/06 21:44:30 [error] 476#0: *1 open() "/opt/nginx/html/test.html" failed
(2: No such file or directory), client: 192.168.1.25, server: localhost, URL:
"/test.html", host: "192.168.1.78:7007"

Thanks
Terry

More information about the nginx mailing list