-------- Original Message -------- Subject: Apache::AuthzNIS ... problem? Date: Fri, 6 Feb 2004 17:24:55 +0100 From: <[EMAIL PROTECTED]> Organization: http://freemail.web.de/ To: EdSantiago <[EMAIL PROTECTED]>, ShannonEricPeevey <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Hello Guys
Me again with a different problem - but I think this time it is more for Shannon. I am no success with Apache::AuthzNIS (HPUX 11i).
My httpd.conf reads:
<Directory "/pkg/vdc52/ddts/www/">
AuthName "NIS Authentification" AuthType Basic PerlAuthenHandler Apache::AuthenNIS PerlAuthenHandler Apache::AuthzNIS require valid-user require group user52
</Directory>
My understanding is the following:
1. The user will validated as a NIS user or rather "authenticated" as a NIS user. 2. If the user is not a member of the "user52" group, the "authorisation" fails.
Pointers? Have tried various combinations and all fail ...
Phil
Shannon Eric Peevey <[EMAIL PROTECTED]> schrieb am 04.02.04 18:09:28:
Ed Santiago wrote:
Hi!Hmmm. I can't reproduce on my end, nor can I see any reason why it would fail: Apache::AuthenNIS 1.11 [1] doesn't use $sent_pwd in any context in which dollar-interpolation could take place, and Net::NIS doesn't even know there's a dollar sign in there.
[1] http://search.cpan.org/src/SPEEVES/Apache-AuthenNIS-0.11/AuthenNIS.pm
I suspect that the encrypted password is not what it seems. Here are some things to try:
* For a given user 'joebob', can you run 'ypmatch joebob passwd' and see the encrypted passwd entry in field 2? To make sure, here's a way to check: ypmatch joebob passwd|cut -d: -f2
* Is the encrypted password exactly 13 characters? Pipe the above command through "wc -c", and make sure it returns 14 (13 + newline). If it's anything else, crypt() won't work. You may have inadvertently set up MD5 passwords, or shadow passwords, or (if you hand-edit passwd) perhaps inadvertently gotten the passwd colon fields out of sequence.
* Are you sure the encrypted password is what it should be? Try the following, replacing $clear and $expect with your own values of the cleartext & encrypted password respectively:
perl -e '$clear=q{joebob$0}; $expect=q{ZRiRSCe67JKpY}; $result=crypt($clear,$expect); printf "%s %s\n",$result, ($result eq $expect ? "ok" : "MISMATCH!")'
(just in case it needs to be mentioned: don't muck with the quotes above - you don't want the shell to see the '$'s.)
* Who sets the password? Is it a human, or a script? If human, can you try setting it again (to check for typos)? If a script, perhaps there's dollar-interpolation happening somewhere before the password is encrypted?
* Perhaps stupid question: there aren't any colons in the username, are there? Just being thorough :-)
Best of luck,
^E
Can I forward this to the modperl list? These are great troubleshooting tips!!
thanks, speeves cws
-- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
