Is this possible to log username and password passed by GET request for basic authentication?I generate link to some part of my website by [URL] ....
It works without any problems for 90% users but some of them got information that there is password mismatch.So I would like to log all request with information about passed login and password in text plain.
I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected">
AllowOverride All
AuthType basic
AuthName "Enter Login"
AuthUserFile /etc/htpasswd/.htpasswd
Require valid-user
Order deny,allow
Allow from user1
</Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
OS: Debian 7.3
Apache 2.2.22
I have an app that opens a new browser window to a URL that opens a PDF file at a named destination. For example: URL.....I need to authenticate each user that enters this link, but preferably only once per browser session (valid until user closes browser). This authentication process needs to be performed by an oracle-database stored procedure (via a Java servlet, or other technology). Any outline steps or reference link?
The idea would be when the user enters this link, that a popup window appears asking for a username and password, which then get verified by the stored procedure, and then, and only then, the URL address is allowed to proceed.I know I can implement password protection in `.htaccess` as follows.
AuthType Basic
AuthName "Secured Area"
AuthUserFile /path/to/.htpasswd
<Files "myFile.pdf">
Require valid-user
</Files>
But, I need this process to connect to the stored procedure to validate the user, because this stored procedure has to apply business logic to determine the users' subscription status, etc., which can change at any time.
Is it possible to pass the username and password info to a Cpanel login, so that typing it in will let the user log in to his Cpanel without having him to type it manually?
This is for a demo and I'd like the client to see the inside without having to type anything in.
I tried this but it didn't work:
[url]
each time i migrate a Domain from a plesk 9.5.5 Windows Hosting Server towards the new plesk 11.5 Server the customers iusr Password does not match the Systems iusr Password.so after each Migration the Website is requesting a username and Password.
1. how to solve that for the whole Installation?
2. at plesk 7.5 and later there was a Workaround which is not anymore supported: websrvmng.exe –update-anon-password –domain-name=yourdomain.com
I am trying to install Joomla on httpme.com but I seem to have problems with it recognising the username/password. Could it be a localhost issue or something?
I just can't seem to get a solution to this. I am referring to step 1 of the Joomla installation.
I am using user authentication with the following components:
Apache/2.4.10 (Win32) + mod_auth_basic + mod_authn_dbd + mod_dbd + ODBC Driver + Microsoft SQL Server 2008(SP3).
It works fine except when I do not provide any username when browser asks for username and password. In this case I receive the "Internal Server Error" as the response instead of "Unauthorized" response.
The most interesting part of the error.log is:
[Sat Sep 27 21:23:17.639860 2014] [authn_dbd:error] [pid 1208:tid 1636] [client 127.0.0.1:1363] AH01656: Query execution error looking up '' in database [[dbd_odbc] SQLBindParameter returned SQL_ERROR (-1) at apr_dbd_odbc.c:604 [Microsoft][ODBC SQL Server Driver]Invalid precision value HY104 ]
The AuthDBDUserPWQuery directive in my httpd.conf is:
AuthDBDUserPWQuery "SELECT password FROM member WHERE CONVERT(VARCHAR(10), member_Index) = %s"
And the member_Index column in the database is smallint.
I am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.
View 4 Replies View RelatedI would to use: htdigest -c filename.htpasswd Group usernamein file batch to insert a set of users with password.I can use it without having to enter the password from the keyboard?I tried echo pass| htdigest -c filename.htpasswd Group username but it does not work.
View 1 Replies View RelatedWhat is the proper way. to password protect a directory for apache 2.4.7. Information i gather seems to not work.
View 4 Replies View RelatedWhere can I get examples to create login ID and password with changing of password function for valid user to access apache web server?
View 3 Replies View RelatedI would like my entire website to be password protected except for one file called allowThisFileWithoutPassword.php.
How could this be accomplished. Below is my attempt :
Code:
<VirtualHost *:80>
ServerName example.com
ServerAlias *.example.com
# ServerSignature Off
ErrorDocument 404 /error-404.html
DocumentRoot /var/www/html
<Directory "/var/www/html">
[Code] .....
I want to setup a password for a website running on Ubuntu server, and find Apache can be used. It is implemented by config httpd.conf file and .htaccess file.
So I want to ask:
1. In this case, the password is setup for a path on the server configured in httpd.conf file. Like in the following example:
Code: <Directory "/var/www/html/MySite">
The password is setup for the path to Mysite,right?
2. If my content of website is not stored under /var/www folder, I cannot use this way to setup a password for website, right? May use PHP instead?
I'm trying to set up password protection on an Apache HTTP server, and it's not working.
First, the environment: Apache 2.4.4 installed with XAMPP Control Panel 3.2.1 under Windows 7 Professional.
http.config says "AllowOverride All."
The .htaccess file in the protected directory says:
Code:
htpasswd -c .htpasswd samples
htpasswd prompted me for the password twice, and I entered it twice. When it quit I had a file named .htpasswd in the subsidy directory. I typed it and its contents looked correct according to the examples I've seen.
Then I restarted Apache and tried to load a page from the directory. The browser simply prompted me for the username and password over and over.
The Apache error log says, "AH01617: user samples: authentication failure for "/subsidy/filename.html": Password Mismatch."
I deleted the .htpasswd file and ran htpasswd again, specifying a different (very simple) password. I also confirmed that caps lock was not on both before and after. I restarted the server, tried to load a page, and got the same problem.
Apache seems to think I'm entering the wrong password, but that seems impossible when I've just defined it myself -- and I've tried twice, intentionally choosing a very simple password the second time. If the message means what it says, the cause must be something very different from the obvious one.
Im using apache2.2 on Ubuntu 12.04. Im trying to password protect a page using htacces and/or the directory command.
Basically no matter what method I use to try and password the index page it doesnt work. I can protect pages and dir's below, but not in the root www of a vhost.
basically:
/home/cackles/mysite with index.html and .htaccess will allow index.html to load and wont prompt for a pass until the page is refreshed.
/home/cackles/mysite/subdir will prompt for a pass before it goes any further.
I purged and started from scratch again last night and for nothing, it would seem, well I learned/refreshed a few things so it wasnt a complete bust ... just 7hrs
I get the following error when let my site connect to my database: Access denied for user 'apache'@'localhost' (using password: NO)
But when im running lil test script which connect to my localhost with the same passwords and it gives the status 'Connection OK' (im running on admin account, made a MySQL account with DA)
Code:
<?php $link = mysql_connect('localhost','admin_removed','removed'); if (!$link) { die('Could not connect to MySQL: ' . mysql_error()); } echo 'Connection OK'; mysql_close($link); ?>
Everyday after Backup Panel (Tasks from Backup Manager), I receive next error:
<?xml version="1.0" encoding="utf-8"?>
<execution-result status="error">
<object name="domain.ru" type="domain">
<message severity="error" id="416a91ad-e5e7-480b-b6b4-a60157b8eaae" code="InformationalException">
<description>Could not find password for account id '2648'. Return empty password</description>
</message>
</object>
</execution-result>
Resolve -> only reconfigure domain. How can I automatic fix this problem?
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
View 1 Replies View RelatedHow to change the Password of my FTP?
I know how to change the pwd. of cPanel, but I don't know how to change the pwd. of FTP?
I have 2 domain names with 2 usernames setup on WHM:
domain1.com - domain1
domain2.com - domain2
I would like domain2.com website visitors to upload photos to a domain1 path. Unfortunately I can't, I think the problem is with the usernames and the fact that the path where I would like to add the photos belongs to domain1 user. The chmod is 777.
How can I set this up on WHM so domain2.com visitors can upload photos to a domain1 username path?
My server with APF (firewall script) with BFD logs over 1215 events today of some hack user or bot trying to login to my server from various of IP trying many kind of usernames...
Is it possible to customize BFD to automatically ban the IP directly if the username they try to login with it was wrong 2 times?
For example the username is qwerty
The hack is trying with many usernames john, root, master, boot, etc...
How do I disable cpanel's www.site.com/~userhome/ jumping? I can't find anything on Google.
View 4 Replies View RelatedHow do I login to root with my sudo username and password? I do type su - in putty, but it gives me a "Disconnected: No supported authentication methods available."
View 6 Replies View Related