Are this the real passwords, or is the actual password for payal one
character longer?
Passwords in NCSA style password files are limited to 8 characters.
Any characters beyond 8 will be ignored. This is an artifact of the
crypt() algorithm.
Note: your http_access rules are quite dangerous. You should delete
the two last allow rules, and replace them by a "deny all" rule.
Currently http_access will never reach these rules, but in future we
may change how http_access behaves in presence of proxy_auth ACL's.
Regards
Henrik
On Sunday 07 April 2002 23:54, Payal wrote:
> Hello,
> I am using authenticated proxy, where some of my settings are as
> follows, authenticate_program /usr/bin/ncsa_auth
> /var/www/html/pay/.htpasswd authenticate_ttl 2 seconds
> acl all src 0.0.0.0/0.0.0.0
> acl localhost src 127.0.0.1/255.255.255.255
> acl payal proxy_auth REQUIRED
> http_access allow payal
> http_access allow all
> http_access allow localhost
> Now I have 2 users in .htpasswd file [ given in unencrypted form
> for the list ]
> payal:macroni
> kumari:chuppa
> Now the problem is that when I type e.g www.somedomain.com in my
> browser, I get an window asking me to authenticate, I give username
> as payal and password as macronii [ with an additional "i" ].
> Still I am allowed access for payal. But this is not so with other
> user. This also happens when I give password as macroniii [ 2
> additional "i" ] but not with 3 additional "i's"
> Why must be this happening? I am suprised with this whole thing. I
> have made my .htpasswd with htpasswd -c .htpasswd payal
> and htpasswd .htpasswd kumari
> Can anyone say what might be the problem?
> Thanks a lot and waiting for a reply for this strange problem.
> -Payal
-- MARA Systems AB, Giving you basic free Squid support Customized solutions, packaged solutions and priority support available on requestReceived on Sun Apr 07 2002 - 16:08:17 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:29 MST