Opened 6 years ago

Closed 6 years ago

#5484 closed Bug/Something is broken (fixed)

log in problem

Reported by: https://id.mayfirst.org/utla Owned by: https://id.mayfirst.org/ross
Priority: High Component: Tech
Keywords: apache htpasswd basic-authentication Cc:
Sensitive: no

Description

I am embarrassed and sorry to bother you. I have a new computer and I cannot log into the UTLA development site at http://utla-dev.mayfirst.org/. I have tried utla, utla-dev and cryder with a variety of passwords and having no luck. I can ftp into the site, but not sure where to look to find this info, if it is findable. Any advice? Thank you.

Attachments (1)

drupal_login_mar192012.jpg (42.5 KB) - added by https://id.mayfirst.org/utla 6 years ago.
The log in screen I am getting

Download all attachments as: .zip

Change History (13)

Changed 6 years ago by https://id.mayfirst.org/utla

The log in screen I am getting

comment:1 Changed 6 years ago by https://id.mayfirst.org/dkg

  • Keywords apache htpasswd basic-authentication added

For future reference, this kind of password-protection on the web is called HTTP Basic Authentication (it could also be Digest Authentication, though digest is used less often than basic).

On systems that use apache as the web server (MF/PL uses apache), the credentials are normally saved in a file in the web root named something like .htpasswd (note the leading dot!). You can check by looking at your web config (in the control panel) or the .htaccess file directly in the web directory; You'll want to find the directive named something like AuthUserFile.

But! These credentials are stored in digest form, so access to that file will give you the user names, but you won't automatically be able to extract the password (you'd have to crack the digest to recover the password -- i won't go into that here). However, if you have write access to that file, you can just change the password of the user in question, using the htpasswd command directly from an ssh session.

Last edited 6 years ago by https://id.mayfirst.org/dkg (previous) (diff)

comment:2 Changed 6 years ago by https://id.mayfirst.org/ross

  • Owner set to https://id.mayfirst.org/ross
  • Status changed from new to assigned

comment:3 follow-up: Changed 6 years ago by https://id.mayfirst.org/utla

I don't get it. I can open the httaccess file, but see nothing in there that can help me out.

comment:4 in reply to: ↑ 3 Changed 6 years ago by https://id.mayfirst.org/utla

I need to figure this password problem out soon. If I use the "Password Reset" in the Control panel, what does that change? I assume that does not include the drupal username and password for my dev site?

Replying to https://id.mayfirst.org/utla:

I don't get it. I can open the httaccess file, but see nothing in there that can help me out.

comment:5 Changed 6 years ago by https://id.mayfirst.org/utla

I still cannot get access. Is there another way to get my username and password for our utla-dev site.

comment:6 follow-up: Changed 6 years ago by https://id.mayfirst.org/ross

Sorry for the delayed response. I've removed the authentication for you. So now you can access the site. If you need to re-protect the site. I'm happy to help you set it up again, but for now you have access.

~/ross

comment:7 in reply to: ↑ 6 Changed 6 years ago by https://id.mayfirst.org/utla

Replying to https://id.mayfirst.org/ross:

Sorry for the delayed response. I've removed the authentication for you. So now you can access the site. If you need to re-protect the site. I'm happy to help you set it up again, but for now you have access.

~/ross

Thanks. However, I need to be able to log in as an administrator. I don't want others to be able to see access the site. How do we go about setting this up?

comment:8 Changed 6 years ago by https://id.mayfirst.org/utla

Any update on this? I need to get admin access ASAP.

Thanks

comment:9 follow-up: Changed 6 years ago by https://id.mayfirst.org/ross

Hi utla,

What is not clear to me is whether or not you need a drupal login or a apache basic auth login. Even after I removed apache basic auth, you're saying you need admin access. Do you need admin access via drupal?

This is a different problem. I just issued a password reset for cryder you should be receiving an email if you receive email for the cryder user account. cryder at utla.net ... This should get you into the site.

If you don't have access or use that email address, then we can work something else out by creating a new account.

I've also re-implemented apache basic Authentication. You should be able to temporarily see the username and password for getting past basic authentication. You can change the username and password display on the login popup by modifying the text in your web config in the control panel:

https://members.mayfirst.org/cp/index.php?area=hosting_order&service_id=7&hosting_order_id=1000125

If you want to create a new username and password, you'll need to ssh into the server as user utla-dev and run the following command:

0 utla-dev@jones:~$ htpasswd ./dev.utla.net/include/htpasswd NEW-USERNAME

Please let me know if this does not solve your problem.

~/ross

comment:10 in reply to: ↑ 9 Changed 6 years ago by https://id.mayfirst.org/utla

That is the correct email address (cryder at utla.net), but I never got the email. I just need admin access through drupal, not apache.

Replying to https://id.mayfirst.org/ross:

Hi utla,

What is not clear to me is whether or not you need a drupal login or a apache basic auth login. Even after I removed apache basic auth, you're saying you need admin access. Do you need admin access via drupal?

This is a different problem. I just issued a password reset for cryder you should be receiving an email if you receive email for the cryder user account. cryder at utla.net ... This should get you into the site.

If you don't have access or use that email address, then we can work something else out by creating a new account.

I've also re-implemented apache basic Authentication. You should be able to temporarily see the username and password for getting past basic authentication. You can change the username and password display on the login popup by modifying the text in your web config in the control panel:

https://members.mayfirst.org/cp/index.php?area=hosting_order&service_id=7&hosting_order_id=1000125

If you want to create a new username and password, you'll need to ssh into the server as user utla-dev and run the following command:

0 utla-dev@jones:~$ htpasswd ./dev.utla.net/include/htpasswd NEW-USERNAME

Please let me know if this does not solve your problem.

~/ross

comment:11 Changed 6 years ago by https://id.mayfirst.org/utla

Ross, I did not get the email with the password reset link. My email you mentioned is correct. This has gone about 2 week snow. There has to be an easier way to figure out my username and password.

comment:12 Changed 6 years ago by https://id.mayfirst.org/utla

  • Resolution set to fixed
  • Status changed from assigned to closed

Good now. Got info from Jamie. Thanks

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.