[EMAIL PROTECTED] wrote:
>
> I have tried setting "tellnews_pass XXXXXX" in dnewsweb.ini.
> This prevents the login dialog from showing up but I get an error instead. I
> get "News host authentication failed: 502 Please modify your client to use
> SSL {sestow1099}, Goodbye" i.e. the one I specify in dnews.conf.
Adding a default_user setting in dnewsweb.ini as well should fix it.
The user must also
exist in user.dat. See my other reply.
Regards,
Brian
--------------------------------------------------------------
Note: If you are using Dnewsweb version prior to 5.4f3 we recommend
you upgrade due to a potential security issue found in those versions.
Customer Support (private) -- [EMAIL PROTECTED]
Mailing list Support (public) -- [EMAIL PROTECTED]
Online Manual -- http://netwinsite.com/dnews/manual.htm
Netwinsite search engine -- http://www.netwinsite.com/find.htm
Online FAQ -- http://netwinsite.com/dnews/faq.htm
Mailing list archive --
http://www.netwinsite.com/cgi/dnewsweb.cgi?cmd=xover&group=netwin.dnews
ftp://ftp.netwinsite.com/pub/netwinsite
Note: To UNSUBSCRIBE from the dnews mailing list send
to [EMAIL PROTECTED] a message with the body
containing one line, unsubscribe
To post to the mailing list send to [EMAIL PROTECTED]
>
> /Erik
>
> "Erik Alsmyr" <[EMAIL PROTECTED]> wrote in message
> news:3a014b91$[EMAIL PROTECTED]...
> > I have done what you specify in your answer below. The following is now my
> > problem:
> >
> > I cannot allow users from 127.0.0.1 in access.conf to read and write
> without
> > authentication since sslwrap talks to DNEWS from this IP. This would allow
> > annonymous access when going through sslwrap.
> >
> > So, I put "127.0.0.1:read,post:$lookup$:$lookup$:*:" as my only access
> rule
> > in access.conf. This prompts ssl users for password when conecting. All is
> > well.
> >
> > When using the DnewsWeb interface however, the users authenticate with the
> > IIS on my server and after this is free to use DnewsWeb without
> > authenticating once again against DNEWS, this providing a single login to
> > the entire system. I guess that DnewsWeb talks to DNEWS in tha same manner
> > as sslwrap (from127.0.0.1) because now I get prompted for username and
> > password when accessing.
> >
> > Can this be solved by configurating DnewsWeb to submit a username and
> > password automatically? This user will exist only on the server and noone
> > will notice beeing loged in as it (I do not use personilized features in
> > dnewsweb).
> >
> > Best regards,
> > Erik Alsmyr
> >
> > "> >3. The DNEWs server still answers on port 119. This allows uers to
> login
> > > >with the password unencrypted if they didn't follow the instructions to
> > > >change their client to use SSL. Can I make DNEWS send a customized
> > > >errormessage on port 119 before asking for password athentication? If
> not
> > > >can I prevent DNEWS from answering on port 119?
> > >
> > > yes sort of, add to dnews.conf
> > > nntp_logoff Please modify your client to use SSL
> > > And in access.conf add:
> > > *:logoff:::*
> > > 127.0.01:read,post:::*
> > > I think that will do the trick, basically their is a fault in the ssl
> > > wraping in that
> > > the connections appear to come from the local host, and you can exploit
> > that
> > > to refuse connections that don't come from the local host. The down
> side
> > > is you really need to use user/passwords for access control as ip
> > addresses
> > > are not applied in access.conf correctly.
> > >
> > > ChrisP.
> >
> >
> >
