>Number: 1651 >Category: os-windows >Synopsis: Username/PW in htpasswd file not interpreted correctly >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Sun Jan 11 16:50:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3b3 >Environment: Win32 - NT 4.0, SP 3.0 Compiler - MSVC >Description: I'm attempting to set-up authentication. Realizing that crypt()-like functionality isn't available on NT (yet), my pw file looks like the following:
dave:tiger When requesting anything in the "protected" area, I'm prompted (correctly) for user name/pw. I enter dave for name and tiger for pw. It fails. The error_log tells me that: [Sun Jan 11 16:35:51 1998] [error] user dave: password mismatch: /cgi-shl/junk.cgi Now for the interesting part -- if I modify my pw file so it looks like: dave: (that is it has no pw) everything works just fine. So I think there may be some problem with the way pw's on interpreted (or user names w/pw's...) >How-To-Repeat: I can provide you with more specific info via email >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
