I am running Apache 1.3.21 with the indigo modified version and I am having
troubles with the password management.
Here's the deal. If I use the htpasswd.exe that came with Apache to generate
a password, it works great. No problems. However, I downloaded some password
management scripts to be able to add and remove users to the .htpasswd file
through a cgi interface. When I do this the encryption must throw something
off because those users will not be able to work. I can open the .htpasswd
file that those scripts use to add the users and I see the changes it makes.
However, those new users can't login!
Anybody have any ideas?
I am using Windows 2000 Server with Apache.
Thanks,
Eric
Most likely, those "password management scripts" you mentioned work
with the default crypt() function in Perl to encrypt passwords, and crypt()
generates a DES hash. But Apache on Windows (and the htpasswd.exe
program) works with MD5 hashes instead of DES, so it doesn't understand
the passwords generated by your scripts.
One way to solve this is to patch your management scripts as follows :
# install this module via ppm first
use Crypt::PasswdMD5;
# replace all crypt() calls with apache_md5_crypt()
use subs 'crypt';
sub crypt {
my ($password,$salt) = @_;
return apache_md5_crypt($password,$salt);
}
Good luck,
Michel.
--
Welcome to Mike's Pub
http://mikespub.net/forum/
-Eric
"Michel Dalle" <ne...@mikespub.net> wrote in message
news:9rk2e5$uaf$1...@dackel.pdb.sbs.de...
this works...!!!
"Eric Rosebrock" <ERIC@(NOSPAM)3dhavoc.net> wrote in message
news:yNgD7.1161798$ai2.88...@bin2.nnrp.aus1.giganews.com...