Solved

login dialog

Posted on 1999-01-26
16
187 Views
Last Modified: 2010-04-09
How do you have a login dialog pop every time a user comes to a page for the first time in a session.  I basically want  the expert-exchange login.
0
Comment
Question by:danGynn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
16 Comments
 
LVL 6

Expert Comment

by:PBall
ID: 1845694
Server side authentication.  Different server, different way to do it.

See paqs in this category or authoring category, plenty answered there.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845695
What's the server software? Apache?
Here's what to do:
1. Create the directory you want to protect and a directory where the passwords should be kept (shouldn't be accessible from the net).

2. Modify .htaccess in that directory, so it looks similar to:

    AuthUserFile /var/www-passwords/.htpasswd
    AuthName "Restricted area"
    AuthType Basic
    require valid-user

3. Create the password file .htpasswd using the program htpasswd for each user (-c is for creating the file. Only needed the first time)

    htpasswd -c /var/www-passwords/.htpasswd user1
    htpasswd /var/www-passwords/.htpasswd user2
    htpasswd /var/www-passwords/.htpasswd user3
    and so on...

4. Try to access a file in the protected directory

Martin
0
 

Author Comment

by:danGynn
ID: 1845696
martinag:

Yes, I am using Apache.  I followed your steps, but when I tried to access a simple page that I copied over to that directory I got the following error message:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have
done that may have caused the error.

Premature end of script headers: /home/httpd/cgi-bin/pwdhtml/about.html


Any ideas?
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 4

Expert Comment

by:martinag
ID: 1845697
Look into /var/log/apache/error.log
What error messages do you find (the new ones are at the bottom)?

Also, you've got about.html in cgi-bin. Maybe that's what causing the error? Apache is expecting a CGI. I just tried putting a HTML file in the cgi-bin and it didn't work (Internal Server Error just like you). Try protecting a directory in the WWW directory (probably /var/www).

Martin
0
 

Author Comment

by:danGynn
ID: 1845698
Oh, that was the problem why I got the error.  But now that the directory is in the WWW directory, I added the .htaccess file again and viewed the page, but it just showed the page with no login prompt.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845699
Hmmm...
Aah, now I remember. I had the same problem when I did this myself and it turned out to be a setting thing.
In /etc/apache/settings.conf you'll find this line:
  AllowOverride None
Change to
  AllowOverride All

I usually comment out the old line and add a comment on why I changed and the date. Example:
  # AllowOverride None
  # Changed 27/1/98 to make Apache read the .htaccess files
  AllowOverride All

Martin
0
 

Author Comment

by:danGynn
ID: 1845700
I don't seem to have an apache directory.  Any ideas on where else that file may be?  Also, will I be able to access that login name after some one logs in?
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845701
Hmm... I'll check out where it could be.

The name (danGynn, martinag etc) will be stored in the environment variable REMOTE_USER.
For example, if you use Perl, you'd use
  $ENV{'REMOTE_USER'}

Note that you can't access the password.

Martin
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845702
I haven't found any kind of list like 'the ten most common paths to the Apache directory', so you'll have to do a search (this may take some time...):
find / -name apache -print

Write the list down and try the directories one by one...

Martin
0
 

Author Comment

by:danGynn
ID: 1845703
I believe that I found the file, although, in my version of Apache it is called access.conf.  But it seems to be the right one.  I think that I need to do a restart on the web server though before it takes effect.  Do you remember the command oh hand?
0
 

Author Comment

by:danGynn
ID: 1845704
Okay, I restarted the web server after adding the 'AllowOverride All' line, but it still is just showing the page without a login prompt.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845705
Did you change 'the right' AllowOverride? In access.conf you might have many blocks of <Directory xxx> ... </Directory>.
Did you change the AllowOverride inside <Directory /var/www></Directory>?

Did you remember the dot in .htaccess?

I can't think of much more that could be wrong. Maybe you'll get some help from http://www.apache.org/docs/misc/FAQ.html

BTW, How did you restart Apache? Here's how to do it properly: http://www.apache.org/docs/stopping.html
You'll find the PidFile location in /etc/apache/httpd.conf

Martin
0
 

Author Comment

by:danGynn
ID: 1845706
martinag:

Hey, thanks a lot for your help!  It's doing what I want it to now.  Answer the question for the points.

Dan
0
 
LVL 4

Accepted Solution

by:
martinag earned 100 total points
ID: 1845707
Ok.
In case I see this question again... What was wrong?

Martin
0
 

Author Comment

by:danGynn
ID: 1845708
I'm not really sure what was wrong exactly.  I followed the instructions from the Apache FAQ.  One of the differences was the order of lines in the .htaccess file.  The other was instead of AllowOverride All, I used AllowOverride AuthConfig.  I'm not sure which it was though.  Thanks for the help though.
0
 
LVL 4

Expert Comment

by:martinag
ID: 1845709
Any time :-)

Martin
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
This article discusses four methods for overlaying images in a container on a web page
In this tutorial viewers will learn how to embed videos in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <video> tag to insert a video. Define the src as the URL of your video; this is similar to …
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question