This forum has been moved here:
Helicon Tech Community Forum

Helicon Ape (Forum Locked Forum Locked)
 Helicon Tech : Helicon Ape
Subject Topic: Helicon Ape on IIS6: .htpasswd problem
Author
Message |
charliekilian
Newbie


Joined: 13 July 2010
Location: United States
Posts: 4
Posted: 13 July 2010 at 11:20am

I am trying to get Helicon Ape working with IIS. At the moment I am struggling with getting .htpasswd authentication to work.

On my test server, I installed IIS and then ran all Windows Updates. I then installed Helicon Ape, which reported no errors. Next, I configured a website (in this case, www.chastainotis.com) in IIS. Finally, I mapped the wildcard handler to c:\windows\microsoft.net\framework\v2.0.50727\aspnet_isapi.dll, making sure to uncheck the "Verify that file exists" box. 

I also went in to IIS Manager, went to the Directory Security tab, and made sure "Basic authentication" is the only enabled authentication option.

I put the .htaccess and .htpasswd files in place. (They are included at the end of this post.) When I load the website in my web browser, it does prompt me for a password, but it never authenticates the user.

In the error log, I see this:

[7/13/2010 10:58:47 AM] [LicenseManager] Trial days left 0
[7/13/2010 10:58:47 AM] [mod_core_context] (8) [/Admin/] ConfigFactory.LoadHtaccess:
[7/13/2010 10:58:47 AM] [mod_core_context] (8) [/Admin/] ConfigFactory.LoadHtaccess: c:\inetpub\wwwroot\chastainotis.com\www\admin\.htaccess
[7/13/2010 10:58:47 AM] [authn_file_module] (8) [/Admin/] AuthUserFile: C:\inetpub\wwwroot\chastainotis.com\www\Admin\.htpasswd
[7/13/2010 10:58:47 AM] [authn_file_module] (8) [/Admin/] user otis added
[7/13/2010 10:58:47 AM] [authn_file_module] (8) [/Admin/] user test added
[7/13/2010 10:58:47 AM] [auth_basic_module] (8) [/Admin/] Authorization header not found


I'm concerned about the top line and the bottom line. I only installed this software today, so I don't think it should be a license issue. (Granted, it was on a virtual machine, and after I encountered some problems, I rolled back to a previous snapshot back and installed again -- but the original install was yesterday.)  As for the "Authorization header not found" line, I am not sure what that means. Searching the forums didn't produce anything helpful.

Here are my configuration files. Is there anything else I need to supply to help you help me?

.htaccess:
AuthType Basic
AuthName Title
AuthBasicProvider file
AuthUserFile C:\inetpub\wwwroot\chastainotis.com\www\Admin\.htpasswd
Require valid-user


.htpasswd:
otis:Bsky39VBv5C.A
test:$apr1$nqrk6...$qPQYlf4nqeWaRQgNehUwI1


Back to Top
 
charliekilian
Newbie


Joined: 13 July 2010
Location: United States
Posts: 4
Posted: 13 July 2010 at 11:21am

One more thing. Here is my httpd.conf file.

# Helicon Ape core configuration

#Automatically generated license file
Include licenses.conf

##----------------------------------------------------------------------
##
## The following code enables most detailed logging for Ape
##

Loglevel debug
ErrorLog error.log

#force Ape to ignore syntax errors in config
Options -StopOnError

##----------------------------------------------------------------------
##
## Read more about supported modules here http://www.helicontech.com/ape/doc/overview.htm
##

#LoadModule authz_host_module      modules/mod_authz_host.so
LoadModule auth_basic_module     modules/mod_auth_basic.so
#LoadModule auth_digest_module   modules/mod_auth_digest.so
#LoadModule authn_dbd_module     modules/mod_authn_dbd.so
LoadModule authn_file_module    modules/mod_authn_file.so
#LoadModule authn_anon_module    modules/mod_authn_anon.so
#LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_user_module    modules/mod_authz_user.so
#LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
#LoadModule authz_default_module modules/mod_authz_default.so
#LoadModule cache_module           modules/mod_cache.so
#LoadModule dbd_module        modules/mod_dbd.so
#LoadModule dir_module          modules/mod_dir.so
#LoadModule disk_cache_module     modules/mod_mem_cache.so
#LoadModule developer_module        modules/mod_developer.so
#LoadModule env_module           modules/mod_env.so
#LoadModule expires_module       modules/mod_expires.so
#LoadModule filter_module     modules/mod_filter.so
#LoadModule gzip_module            modules/mod_gzip.so
#LoadModule headers_module       modules/mod_headers.so
#LoadModule hotlink_module    modules/mod_hotlink.so
#LoadModule linkfreeze_module   modules/mod_linkfreeze.so
#LoadModule log_config_module    modules/mod_log_config.so
#LoadModule mem_cache_module    modules/mod_mem_cache.so
LoadModule proxy_module         modules/mod_proxy.so
LoadModule rewrite_module       modules/mod_rewrite.so
#LoadModule replace_module       modules/mod_replace.so
#LoadModule setenvif_module      modules/mod_setenvif.so
#LoadModule speling_module        modules/mod_speling.so
#LoadModule seo_module        modules/mod_seo.so


##----------------------------------------------------------------------
##
## The following code enables most detailed logging for mod_rewrite
##

#RewriteLog rewrite.log
#RewriteLogLevel 9


##----------------------------------------------------------------------
##
## The following code hides .htaccess and .htpasswd files from sites visitors.
##

#
#<FilesMatch "^\.ht">
#    Order allow,deny
#    Deny from all
#    Satisfy All
#</FilesMatch>


##----------------------------------------------------------------------
##
## Use htaccess.txt instead of .htaccess
## put it in the httpd.conf
##
#AccessFileName htaccess.txt


##----------------------------------------------------------------------
##
## Basic Authentication for the folder
##

#<Directory c:\inetpub\wwwroot\admin\>
#    AuthType Basic
#    AuthName "secret area"
#    AuthBasicProvider file
#    AuthUserFile c:\inetpub\.htpasswds
#    Require valid-user
#</Directory>

##----------------------------------------------------------------------
##
## MD5 Digest Authentication
##

#<Location /private/>
#    AuthType Digest
#    AuthName "private area"
#    AuthDigestDomain /private/ http://www.domain.com/myprivate/
#    AuthDigestProvider file
#    AuthUserFile c:/inetpub/passwords/.digest_pwd
#    Require valid-user
#</Location>


##----------------------------------------------------------------------
##
## Enable memory-based cache for php files
##

#<Files *.php>
#    ExpiresActive On
#    ExpiresByType text/html "access 1 hour"
#    CacheEnable mem
#</Files>


##----------------------------------------------------------------------
##
## Force Ape account for trailing slash redirects and index files
##

#DirectoryIndex index.html index.asp index.php
#DirectorySlash On


##----------------------------------------------------------------------
##
## Cache all cacheable content to the disk
##

## please create this folder before using
#CacheRoot c:\inetpub\cache
#SetEnv cache-enable disk

##----------------------------------------------------------------------
##
## Prevent ddos attacks
##

#<IfModule evasive_module>
#    DOSPageCount        10
#    DOSSiteCount        150
#    DOSPageInterval     1
#    DOSSiteInterval     1
#    DOSBlockingPeriod   10
#</IfModule>



##----------------------------------------------------------------------
##
## Enable smart expiration
##

#ExpiresActive On
## html expires in a 2 hour
#ExpiresByType text/html A7200
## css expires in a 4 hour
#ExpiresByType text/css A14400



##----------------------------------------------------------------------
##
## The following code enables caching and compression for all static files
## accounting for browser peculiarities
##

#Include smart_gzip_compression.conf


##----------------------------------------------------------------------
##
## Stop hotlinking
##

#SetEnv mod_hotlink
#<Files *.pdf>
#    HotlinkProtect /pdf [ Link, ParamName=hlb ]
#</Files>


#----------------------------------------------------------------------
##
## Enable Linkfreeze
##

#SetEnv mod_linkfreeze
#LinkFreezeRule --- "aspx=htm" [ AbsLinks,MoveExt ]


##----------------------------------------------------------------------
##
## Enable cache in-memmory
##

#<LocationMatch "/|/index.php">
#    SetEnv cache-enable mem
#</LocationMatch>



##----------------------------------------------------------------------
##
## Enable proxying /accounts/ application to internal server
##

#<Location /accounts/>
#    ProxyPass http://internal.company.com/accounts/
#    ProxyPassReverse http://internal.company.com/accounts/
#    ProxyPassReverseCookieDomain internal.company.com www.company.com
#</Location>


##----------------------------------------------------------------------
##
## Common rule for cms systems
##

#RewriteEngine on
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule (.*) /index.php [NC,L,NS]

##----------------------------------------------------------------------
##
#Header append Server "enhanced by Helicon Ape/3.0"
Back to Top
 
charliekilian
Newbie


Joined: 13 July 2010
Location: United States
Posts: 4
Posted: 13 July 2010 at 11:55am

It seems I have solved my own problem. I read this post, which documents a similar problem:

http://www.helicontech.com/forum/14422-Securing_Folder_with_APE.html

In my case, the key was that I still had "Basic authentication (password is sent in clear text)" checked. To change it, go into IIS Manager, right click on the website, choose Properties, click on the Directory Security tab, in the "Authentication and access control" section, press the Edit button. Then uncheck everything except "Enable anonymous access".

I think the problem must have been that IIS was fighting Helicon Ape for control of the authentication process. But I'm not really sure. Anyway, the original problem works now.

I am having another problem now: Old .htpasswd files from another server don't authenticate. Part of my goal in evaluating Helicon Ape is to replace IISPassword. Password files (.htpasswd) that worked fine under IISPassword aren't working with Helicon Ape. For example, here is my .passwd file:

otis:Bsky39VBv5C.A
test:$apr1$nqrk6...$qPQYlf4nqeWaRQgNehUwI1

The first line was generated with a tool found on the web, and works fine with IISPassword but not with Ape. The line was generated with Helicon Ape Manager. It authenticates fine with Ape. Both passwords are the same: "scalific" -- without the quotes, of course.

Any ideas how to resolve this?




Back to Top
 
charliekilian
Newbie


Joined: 13 July 2010
Location: United States
Posts: 4
Posted: 13 July 2010 at 12:00pm

Here is the website I'm using to generate .htpasswd files:

http://home.flash.net/cgi-bin/pw.pl

Going forward, I can always use Helicon's Ape Manager tool. However, I must also support the many sites we already have in place that have .htpasswd files created with other tools.

Back to Top
 
Vyacheslav
Admin Group


Joined: 02 July 2008
Location: Ukraine
Posts: 1542
Posted: 14 July 2010 at 2:37am

Hello,
As regarding the first issue I can confirm that you should disable all IIS authentications. Otherwise there may be conflicts.

You may generate passwords by Helicon Ape Manager. Unfortunately we don’t support IISPassword format yet, for we were oriented on Apache. But I discussed the case with developers and I’m sure we’ll support IISPassword format in further builds of Ape.

Thank you for using our software.

__________________
Slavik Shynkarenko,
Helicon Tech.
Back to Top Visit Vyacheslav's Homepage
 
Vyacheslav
Admin Group


Joined: 02 July 2008
Location: Ukraine
Posts: 1542
Posted: 05 August 2010 at 7:33am

Hello,
We’ve just released a new build of Helicon Ape which supports IISPassoword format. Please check it out.
Thanks.

__________________
Slavik Shynkarenko,
Helicon Tech.
Back to Top Visit Vyacheslav's Homepage
 
floho
Newbie


Joined: 09 January 2012
Posts: 1
Posted: 09 January 2012 at 9:45am

charliekilian wrote:
To change it, go into IIS Manager, right click on the website, choose Properties, click on the Directory Security tab, in the "Authentication and access control" section, press the Edit button. Then uncheck everything except "Enable anonymous access".


Windows Server 2003, the tip from charliekilian is working. But every time, when I'm restarting the IIS-Server, the setting goes back to the default. Anybody have an idea, how i can stop this "reset"?
Back to Top
 

Sorry, you can NOT post a reply.
This forum has been locked by a forum administrator.

Printable version Printable version