login dialog

How do you have a login dialog pop every time a user comes to a page for the first time in a session.  I basically want  the expert-exchange login.
danGynnAsked:
Who is Participating?
 
martinagCommented:
Ok.
In case I see this question again... What was wrong?

Martin
0
 
PBallCommented:
Server side authentication.  Different server, different way to do it.

See paqs in this category or authoring category, plenty answered there.
0
 
martinagCommented:
What's the server software? Apache?
Here's what to do:
1. Create the directory you want to protect and a directory where the passwords should be kept (shouldn't be accessible from the net).

2. Modify .htaccess in that directory, so it looks similar to:

    AuthUserFile /var/www-passwords/.htpasswd
    AuthName "Restricted area"
    AuthType Basic
    require valid-user

3. Create the password file .htpasswd using the program htpasswd for each user (-c is for creating the file. Only needed the first time)

    htpasswd -c /var/www-passwords/.htpasswd user1
    htpasswd /var/www-passwords/.htpasswd user2
    htpasswd /var/www-passwords/.htpasswd user3
    and so on...

4. Try to access a file in the protected directory

Martin
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
danGynnAuthor Commented:
martinag:

Yes, I am using Apache.  I followed your steps, but when I tried to access a simple page that I copied over to that directory I got the following error message:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have
done that may have caused the error.

Premature end of script headers: /home/httpd/cgi-bin/pwdhtml/about.html


Any ideas?
0
 
martinagCommented:
Look into /var/log/apache/error.log
What error messages do you find (the new ones are at the bottom)?

Also, you've got about.html in cgi-bin. Maybe that's what causing the error? Apache is expecting a CGI. I just tried putting a HTML file in the cgi-bin and it didn't work (Internal Server Error just like you). Try protecting a directory in the WWW directory (probably /var/www).

Martin
0
 
danGynnAuthor Commented:
Oh, that was the problem why I got the error.  But now that the directory is in the WWW directory, I added the .htaccess file again and viewed the page, but it just showed the page with no login prompt.
0
 
martinagCommented:
Hmmm...
Aah, now I remember. I had the same problem when I did this myself and it turned out to be a setting thing.
In /etc/apache/settings.conf you'll find this line:
  AllowOverride None
Change to
  AllowOverride All

I usually comment out the old line and add a comment on why I changed and the date. Example:
  # AllowOverride None
  # Changed 27/1/98 to make Apache read the .htaccess files
  AllowOverride All

Martin
0
 
danGynnAuthor Commented:
I don't seem to have an apache directory.  Any ideas on where else that file may be?  Also, will I be able to access that login name after some one logs in?
0
 
martinagCommented:
Hmm... I'll check out where it could be.

The name (danGynn, martinag etc) will be stored in the environment variable REMOTE_USER.
For example, if you use Perl, you'd use
  $ENV{'REMOTE_USER'}

Note that you can't access the password.

Martin
0
 
martinagCommented:
I haven't found any kind of list like 'the ten most common paths to the Apache directory', so you'll have to do a search (this may take some time...):
find / -name apache -print

Write the list down and try the directories one by one...

Martin
0
 
danGynnAuthor Commented:
I believe that I found the file, although, in my version of Apache it is called access.conf.  But it seems to be the right one.  I think that I need to do a restart on the web server though before it takes effect.  Do you remember the command oh hand?
0
 
danGynnAuthor Commented:
Okay, I restarted the web server after adding the 'AllowOverride All' line, but it still is just showing the page without a login prompt.
0
 
martinagCommented:
Did you change 'the right' AllowOverride? In access.conf you might have many blocks of <Directory xxx> ... </Directory>.
Did you change the AllowOverride inside <Directory /var/www></Directory>?

Did you remember the dot in .htaccess?

I can't think of much more that could be wrong. Maybe you'll get some help from http://www.apache.org/docs/misc/FAQ.html

BTW, How did you restart Apache? Here's how to do it properly: http://www.apache.org/docs/stopping.html
You'll find the PidFile location in /etc/apache/httpd.conf

Martin
0
 
danGynnAuthor Commented:
martinag:

Hey, thanks a lot for your help!  It's doing what I want it to now.  Answer the question for the points.

Dan
0
 
danGynnAuthor Commented:
I'm not really sure what was wrong exactly.  I followed the instructions from the Apache FAQ.  One of the differences was the order of lines in the .htaccess file.  The other was instead of AllowOverride All, I used AllowOverride AuthConfig.  I'm not sure which it was though.  Thanks for the help though.
0
 
martinagCommented:
Any time :-)

Martin
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.