SOLVED - -webusers and .htpasswd

ZaggyZaggy NullPointerExceptionThe Netherlands Join Date: 2003-12-10 Member: 24214Forum Moderators, NS2 Playtester, Reinforced - Onos, Subnautica Playtester
edited November 2012 in Server Discussion
<div class="IPBDescription">How does this work?</div>Fix: When using the <a href="http://www.askapache.com/online-tools/htpasswd-generator" target="_blank">.htpasswd generator</a>, use <b>digest </b>as Encryption Algorithm , not md5!

More specifically, where to put the .htpasswd file?
What to fill in at the -webusers parameter? filename? direct path to filename?
If I put it next to Server.exe I will get a login screen but it will keep looping, anywhere else I will get an empty page.

Used the .htpasswd generator from <a href="http://www.askapache.com/online-tools/htpasswd-generator/" target="_blank">http://www.askapache.com/online-tools/htpasswd-generator/</a> as described in Dedicated_Server_Usage.txt
Copied over the line with username <md5sum>

Comments

  • MaxunitMaxunit Join Date: 2005-02-01 Member: 39414Members, Reinforced - Shadow
    I think the htpasswd route isn't working properly, because you already get a Username & Password box whenever you open the Web Interface or aren't you using the -webuser parameter with the password parameter? Whenever I want to access my Web Interface, I get a htaccess/htpasswd styled popup login box and if I enter the wrong info, I get no access.
  • Silent262Silent262 Join Date: 2012-09-21 Member: 160267Members
    I receive the exact same treatment as Zaggy, and have tried without enabling the -webuser/-webpassword system. If that system is left engaged, the account you had set up with it does not work when the -webusers switch is in place.
  • MaxunitMaxunit Join Date: 2005-02-01 Member: 39414Members, Reinforced - Shadow
    I just tried it.

    If you use the -webuser and password switch in the command line, then you cannot use an additional htaccess access.

    Either htaccess or commandline parameter, where I'm not sure, which is more secure.
  • Silent262Silent262 Join Date: 2012-09-21 Member: 160267Members
    I have tried with and without... Stupid question, how old is your .htpasswd file? Does it use the Apache hash starting with $aprl$ or does it use the old system?
  • WhosatWhosat Singapore Join Date: 2006-11-03 Member: 58301Members, Reinforced - Shadow
    <!--quoteo(post=2011277:date=Nov 6 2012, 12:49 AM:name=Maxunit)--><div class='quotetop'>QUOTE (Maxunit @ Nov 6 2012, 12:49 AM) <a href="index.php?act=findpost&pid=2011277"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->I just tried it.

    If you use the -webuser and password switch in the command line, then you cannot use an additional htaccess access.

    Either htaccess or commandline parameter, where I'm not sure, which is more secure.<!--QuoteEnd--></div><!--QuoteEEnd-->

    The htaccess method is more secure since it hashes your password. Using the single-user -webuser and -webpass exposes the password in the commandline so it may not be as secure especially when you have other people accessing your server box.
  • crunchycatcrunchycat Join Date: 2012-11-02 Member: 166082Members
    I can't figure this out either... I put in -webusers .htpasswd and it won't take the login/password, it'll just keep looping. I don't have -webuser or -webpassword set.
  • MurphyIdiotMurphyIdiot NS2 programmer Join Date: 2008-04-17 Member: 64095Members, Super Administrators, NS2 Developer, Subnautica Developer, Pistachionauts, Future Perfect Developer
    edited November 2012
    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->-webadmin            Enables the web server
    -webuser [username]         Specifies the user name for logging into the web server
    -webpassword [password]         Specifies the password for logging into the web server
    -webusers [file name]       Loads username/password data from the specified .htpasswd file<!--c2--></div><!--ec2-->

    -webadmin (without any arguments) will enable the web server interface. If you use this without the other commands, you can use the web server without having to enter in any users or passwords (obviously this is not secure but it is useful for initial setup or whatever).

    The -webuser and -webpassword are used in case you want to define the users and passwords on the command line. In most cases, you will want to setup a .htpasswd file. You can place the .htpasswd file where ever you want as long as you give the full path to the -webusers command.

    Here is the section of the Dedicated_Server_Usage.txt file that explains how everything works:

    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->The dedicated server includes a web server which can be used to configure the server.
    To use the web admin interface, start the dedicated server wuth the -webadmin command
    line option and open http://localhost/index.html in your browser.

    If you would like to access the web admin interface from a remote computer, you will
    need to set up at least one user. The dedicated server has two ways to configure
    users for the web admin. The first is using the -webuser and -webpassword options.
    This will setup the login information for a single user that can be entered when your
    web browser prompts you for log in information.

    If you would like to set up multiple users or do not want the password to be stored
    in plaintext, you can specify a .htpasswd file using the -webusers command line option.
    A .htpasswd file can be generated using the same tools you would use for configuring
    an Apache web server. An online tool is available here:

        http://www.askapache.com/online-tools/htpasswd-generator


    When using this tool, you will want to set the encryption mode to MD5 and the realm
    or popup name to whatever you specify for the -webdomain parameter (or localhost if
    you don't specify webdomain).

    If you are going to access the web server from an internet address, you will need
    to specify the address using the -webdomain command line option. If you have multiple
    IP addresses, this can also be used to select which one the web server will be
    bound to. You can also run multiple web servers on the same machine on different ports
    using -webport.<!--c2--></div><!--ec2-->

    If it is NOT working this way, please let us know what the problem is.
  • Silent262Silent262 Join Date: 2012-09-21 Member: 160267Members
    Murphy, I am fairly certain that both Zaggy and I have followed the directions in the dedicated_server_usage.txt.

    The issue that we face varies based on the location of .htpasswd If htpasswd is in the root directory, the login popup does not accept any information (it merely asks for login for all eternity). If htpasswd is in another directory (we have tried the /ns2/web directory and /ns2) a white page appears and nothing happens. We are using newly generated apache-style md5 hashes.

    If you need more information, let me know!
  • crunchycatcrunchycat Join Date: 2012-11-02 Member: 166082Members
    Here's what my setup looks like:

    Server shortcut:

    C:\ns2ds\Server.exe -file "C:\ns2ds\settings.txt"

    "settings.txt":

    -config_path "c:\ns2ds\config"
    -name "testserver"
    -webadmin
    -webport 81
    -webusers "c:\.htpasswd"
    -map ns2_tram
    -limit 24
    -webdomain "ipaddress"

    I copied over the username:hash and created the .htpasswd in the C:\ directory.

    The message I get when I try to access the page:

    Access to the webpage was denied
    You are not authorized to access the webpage at <a href="http://ipaddress:81/index.html" target="_blank">http://ipaddress:81/index.html</a>. You may need to sign in.
    HTTP Error 403 (Forbidden): The server refused to fulfill the request.


    If I place the .htpasswd in the server install directory, "C:\NS2DS", I will get the .htpasswd login prompt but it won't take my username or password that I specified.
  • ZaggyZaggy NullPointerException The Netherlands Join Date: 2003-12-10 Member: 24214Forum Moderators, NS2 Playtester, Reinforced - Onos, Subnautica Playtester
    edited November 2012
    <!--quoteo(post=2013310:date=Nov 7 2012, 12:21 AM:name=MurphyIdiot)--><div class='quotetop'>QUOTE (MurphyIdiot @ Nov 7 2012, 12:21 AM) <a href="index.php?act=findpost&pid=2013310"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec--><snip><!--QuoteEnd--></div><!--QuoteEEnd-->

    Thanks for the reply Murphy!

    <!--quoteo(post=2013336:date=Nov 7 2012, 12:40 AM:name=Silent262)--><div class='quotetop'>QUOTE (Silent262 @ Nov 7 2012, 12:40 AM) <a href="index.php?act=findpost&pid=2013336"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Murphy, I am fairly certain that both Zaggy and I have followed the directions in the dedicated_server_usage.txt.

    The issue that we face varies based on the location of .htpasswd If htpasswd is in the root directory, the login popup does not accept any information (it merely asks for login for all eternity). If htpasswd is in another directory (we have tried the /ns2/web directory and /ns2) a white page appears and nothing happens. We are using newly generated apache-style md5 hashes.

    If you need more information, let me know!<!--QuoteEnd--></div><!--QuoteEEnd-->

    What he said, the location appears to determine whether we get a login screen or not.
    For .htpasswd:
    If not placed next to the Server.exe file, browsing to the webpage will render a blank page.
    If you do place it next to the Server.exe file, a login screen will pop up but it will keep popping up, regardless of login info used.

    My startup script:
    DISPLAY=:1 screen -A -m -d -S ns2 wine Server.exe -name "NL :: 228 :: zaggynl's test server" -webadmin -webdomain 141.138.149.70 -webusers "/home/<username>/ns2server/ns2/.htpasswd" -webport <port> -map ns2_docking -ip 141.138.149.70 -port 27015 -limit 16

    .htpassword locations tried:
    /home/<username>/ns2server/.htpasswd (blank page)
    /home/<username>/ns2server/ns2/.htpasswd (returning login screen)

    Working startup script:
    DISPLAY=:1 screen -A -m -d -S ns2 wine Server.exe -name "NL :: 228 :: zaggynl's test server" -webadmin -webdomain 141.138.149.70 -webuser admin -webpassword <password> -webport <port> -map ns2_docking -ip 141.138.149.70 -port 27015 -limit 16
    Note: /home/<username>/ns2server/ns2/.htpasswd should NOT be present or there will be a re-occurring login prompt.
  • SynergiSynergi Join Date: 2012-11-07 Member: 167921Members
    U need to specify the REALM in the .htpasswd

    [USER]:[MD5HASHPASS]:[REALM as in -webdomain]

    Then u can place the htpasswd where u want. But the problem with no user is able to access will still be. As it is on my Server. I cant get access due to htpasswd
  • MurphyIdiotMurphyIdiot NS2 programmer Join Date: 2008-04-17 Member: 64095Members, Super Administrators, NS2 Developer, Subnautica Developer, Pistachionauts, Future Perfect Developer
    I have been looking into the problems you all have been having with .htpasswd and I was able to reproduce the problem where the login screen appears over and over again even with the correct login information. So we are looking into that in more detail now.

    The problem where the site doesn't render I am not sure about but assuming you use the full path to the .htpasswd file, it will load it correctly. So it really shouldn't matter where you put that file assuming you use the full, non-relative path. The relative path will work if it is relative to the working directory.
  • MaxMax Technical Director, Unknown Worlds Entertainment Join Date: 2002-03-15 Member: 318Super Administrators, Retired Developer, NS1 Playtester, Forum Moderators, NS2 Developer, Constellation, Subnautica Developer, Pistachionauts, Future Perfect Developer
    Apologizes for the confusion, but there is an error in the documentation. When using the Apache tool, you should select "digest" rather than "MD5". I'm adding in some error messages for the next patch to make this type of problem more obvious.
  • Silent262Silent262 Join Date: 2012-09-21 Member: 160267Members
    Max and Murphy, thank you very much. I did think the hash looked a little off, comparable to the previous patches, especially since people were saying same htpasswd files were still working. Cheers!
  • crunchycatcrunchycat Join Date: 2012-11-02 Member: 166082Members
    Thanks guys! Changing to digest worked
  • ZaggyZaggy NullPointerException The Netherlands Join Date: 2003-12-10 Member: 24214Forum Moderators, NS2 Playtester, Reinforced - Onos, Subnautica Playtester
    <!--quoteo(post=2015836:date=Nov 8 2012, 10:08 PM:name=MurphyIdiot)--><div class='quotetop'>QUOTE (MurphyIdiot @ Nov 8 2012, 10:08 PM) <a href="index.php?act=findpost&pid=2015836"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->I have been looking into the problems you all have been having with .htpasswd and I was able to reproduce the problem where the login screen appears over and over again even with the correct login information. So we are looking into that in more detail now.

    The problem where the site doesn't render I am not sure about but assuming you use the full path to the .htpasswd file, it will load it correctly. So it really shouldn't matter where you put that file assuming you use the full, non-relative path. The relative path will work if it is relative to the working directory.<!--QuoteEnd--></div><!--QuoteEEnd-->


    <!--quoteo(post=2015891:date=Nov 8 2012, 10:49 PM:name=Max)--><div class='quotetop'>QUOTE (Max @ Nov 8 2012, 10:49 PM) <a href="index.php?act=findpost&pid=2015891"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Apologizes for the confusion, but there is an error in the documentation. When using the Apache tool, you should select "digest" rather than "MD5". I'm adding in some error messages for the next patch to make this type of problem more obvious.<!--QuoteEnd--></div><!--QuoteEEnd-->

    Thank you!
  • ZaggyZaggy NullPointerException The Netherlands Join Date: 2003-12-10 Member: 24214Forum Moderators, NS2 Playtester, Reinforced - Onos, Subnautica Playtester
    Bumping thread, <a href="http://www.askapache.com/online-tools/htpasswd-generator/" target="_blank">http://www.askapache.com/online-tools/htpasswd-generator/</a> no longer has the online tool, unsure which options to pick with alternative online tools, please advice!
Sign In or Register to comment.