Setting up HTTP Basic Authorisation
T Gillett
tgillett1 at powerup.com.au
Wed Dec 6 23:54:55 MSK 2006
Igor Sysoev <is at ...> writes:
>
> On Wed, 6 Dec 2006, T Gillett wrote:
>
> > Igor Sysoev <is <at> ...> writes:
> >
> >> It seems I found the bug. If the "test:cgsk91HyOZHGE" is the single
> >> line in th efile and has no the carridge return or the line feed
> >> characters (if you edit file in the joe editor), then nginx does
> >> not understand the hash.
> >
> > This doesn't appear to be the problem in this case.
> >
> > The htpassword file actually has two lines as follows:
> > admin:cgwvsHpJSf6XU
> > test:cgsk91HyOZHGE
> >
> > followed by two empty lines (carriage returns).
> > I copied the admin line from etc/passwd and checked the password encryption
> > with the perl script.
> > Authorisation fails for both admin and test logins.
>
> May crypt() using another salt ?
>
> What does
> perl -le 'print crypt("test", "cgsk91HyOZHGE")'
> show ?
>
> Igor Sysoev
> http://sysoev.ru/en/
>
>
Igor
I set up another id/password with a different salt as follows:
admin:cgwvsHpJSf6XU
test:cgsk91HyOZHGE
test1:abgOeLfPimXQo
Same result. Here are the access log entries:
192.168.1.25 - - [07/Dec/2006:06:49:23 +1000] GET /hello.php HTTP/1.1
Status"401" Bytes195 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8" "-"
192.168.1.25 - test1 [07/Dec/2006:06:49:35 +1000] GET /hello.php HTTP/1.1
Status"401" Bytes195 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.0.8) Gecko/20061025 Firefox/1.5.0.8" "-"
I ran the perl script as follows:
# perl -le 'print crypt("test", "cgsk91HyOZHGE")'
cgsk91HyOZHGE
The result is the same if I use if I use an unknown id or an incorrect password.
Thanks
Terry
More information about the nginx
mailing list