Solved

login dialog

Posted on 1999-01-26
16
178 Views
Last Modified: 2010-04-09
How do you have a login dialog pop every time a user comes to a page for the first time in a session.  I basically want  the expert-exchange login.
0
Comment
Question by:danGynn
  • 8
  • 7
16 Comments
 
LVL 6

Expert Comment

by:PBall
ID: 1845694
Server side authentication.  Different server, different way to do it.

See paqs in this category or authoring category, plenty answered there.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845695
What's the server software? Apache?
Here's what to do:
1. Create the directory you want to protect and a directory where the passwords should be kept (shouldn't be accessible from the net).

2. Modify .htaccess in that directory, so it looks similar to:

    AuthUserFile /var/www-passwords/.htpasswd
    AuthName "Restricted area"
    AuthType Basic
    require valid-user

3. Create the password file .htpasswd using the program htpasswd for each user (-c is for creating the file. Only needed the first time)

    htpasswd -c /var/www-passwords/.htpasswd user1
    htpasswd /var/www-passwords/.htpasswd user2
    htpasswd /var/www-passwords/.htpasswd user3
    and so on...

4. Try to access a file in the protected directory

Martin
0
 

Author Comment

by:danGynn
ID: 1845696
martinag:

Yes, I am using Apache.  I followed your steps, but when I tried to access a simple page that I copied over to that directory I got the following error message:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have
done that may have caused the error.

Premature end of script headers: /home/httpd/cgi-bin/pwdhtml/about.html


Any ideas?
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845697
Look into /var/log/apache/error.log
What error messages do you find (the new ones are at the bottom)?

Also, you've got about.html in cgi-bin. Maybe that's what causing the error? Apache is expecting a CGI. I just tried putting a HTML file in the cgi-bin and it didn't work (Internal Server Error just like you). Try protecting a directory in the WWW directory (probably /var/www).

Martin
0
 

Author Comment

by:danGynn
ID: 1845698
Oh, that was the problem why I got the error.  But now that the directory is in the WWW directory, I added the .htaccess file again and viewed the page, but it just showed the page with no login prompt.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845699
Hmmm...
Aah, now I remember. I had the same problem when I did this myself and it turned out to be a setting thing.
In /etc/apache/settings.conf you'll find this line:
  AllowOverride None
Change to
  AllowOverride All

I usually comment out the old line and add a comment on why I changed and the date. Example:
  # AllowOverride None
  # Changed 27/1/98 to make Apache read the .htaccess files
  AllowOverride All

Martin
0
 

Author Comment

by:danGynn
ID: 1845700
I don't seem to have an apache directory.  Any ideas on where else that file may be?  Also, will I be able to access that login name after some one logs in?
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845701
Hmm... I'll check out where it could be.

The name (danGynn, martinag etc) will be stored in the environment variable REMOTE_USER.
For example, if you use Perl, you'd use
  $ENV{'REMOTE_USER'}

Note that you can't access the password.

Martin
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:martinag
ID: 1845702
I haven't found any kind of list like 'the ten most common paths to the Apache directory', so you'll have to do a search (this may take some time...):
find / -name apache -print

Write the list down and try the directories one by one...

Martin
0
 

Author Comment

by:danGynn
ID: 1845703
I believe that I found the file, although, in my version of Apache it is called access.conf.  But it seems to be the right one.  I think that I need to do a restart on the web server though before it takes effect.  Do you remember the command oh hand?
0
 

Author Comment

by:danGynn
ID: 1845704
Okay, I restarted the web server after adding the 'AllowOverride All' line, but it still is just showing the page without a login prompt.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845705
Did you change 'the right' AllowOverride? In access.conf you might have many blocks of <Directory xxx> ... </Directory>.
Did you change the AllowOverride inside <Directory /var/www></Directory>?

Did you remember the dot in .htaccess?

I can't think of much more that could be wrong. Maybe you'll get some help from http://www.apache.org/docs/misc/FAQ.html

BTW, How did you restart Apache? Here's how to do it properly: http://www.apache.org/docs/stopping.html
You'll find the PidFile location in /etc/apache/httpd.conf

Martin
0
 

Author Comment

by:danGynn
ID: 1845706
martinag:

Hey, thanks a lot for your help!  It's doing what I want it to now.  Answer the question for the points.

Dan
0
 
LVL 4

Accepted Solution

by:
martinag earned 100 total points
ID: 1845707
Ok.
In case I see this question again... What was wrong?

Martin
0
 

Author Comment

by:danGynn
ID: 1845708
I'm not really sure what was wrong exactly.  I followed the instructions from the Apache FAQ.  One of the differences was the order of lines in the .htaccess file.  The other was instead of AllowOverride All, I used AllowOverride AuthConfig.  I'm not sure which it was though.  Thanks for the help though.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845709
Any time :-)

Martin
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now