Apache does not accept username/password
 

i have configured Apache+SNORT+MySql+PHP+ACID on a machine.
I want to have user authentication for those accessing the ACID page
i added entries in httpd.conf to allow 2 users (and made all necessary configurations my makeing the .htpasswd, .htgroup files in /var/www/html/acid/ directory)
When i run ACID,it does not log in!! the http error logfile said
so i created a table user_info in the test database (i dont know why it gave this error!! but can i do without adding the user in mysql database?) and had columns 'user_name' and 'user_password'
I added the required users in the database but gave cleartext password (dint know how to go about this field, but I'm sure this is not the right way..) now the error sayswhats the solution? Thanks in advance for any help

well did u try out with the htpasswd command??
or just created the files and entered the passwords??

regards

i did that with htpasswd
only mysql entries i added by hand.

ok so when u used htpasswd

where did it gave u problems?
did u get the username/password box while accesing that page?
if u got that box then u cna check the apache log and see what error did it encounter and did not allow you to login

regards

Yes it did give a username/passwd box when accessing the page.. but it seemed it did not accept the username/passwd and the window came up again. while refering to the logs, i could see the error that i have enclosed in the 'code' block in my first post(of'course xx.xx.xx.xx was where my actual ip was..). The error indicated that it wanted a mysql entry!! So i created the table (i've given the details in my first post )

can u post the entry in httpd.conf where you have specified the option for password protecting your page

did u use mysql+htpasswd??

regards

the snip if httpd.conf..
the snip of /var/www/html/acid/.htgroup
edit:
Initially i had not.. i only added the mysql entry after looking at the error log

pl. also post ut htpaswd command that u used

regards

well see the difference here

AuthUserFile /var/www/httpd/acid/.htpasswd
AuthGroupFile /var/www/httpd/acid/.htgroup

and here

htpasswd -c /var/www/html/acid/.htpasswd user1
htpasswd /var/www/html/acid/.htpasswd user2

regards

oops sorry, the directory /var/www/html/acid is the valid directory and i have corrected the entries in httpd.conf file and restarted httpd service. But still i am not able to authenticate!!! :(

please post the log from error/info file log of apache

i too have faced such problems and the logs have always come to my rescue

regards

After editing the httpd.conf file to correct the address entry, i droped the table user_info in the mysql database. Shown below is the error log after doing the above changes..
After this i again created the table user_info in test database (with keys user_name and user_password) with the same username that is used to log into snort database in mysql while accessing ACID. Of'course i again inserted the password in cleartext!! Heres the error log as of how it looks after this change.
edit: is this a problem with Apache 2.0? My coleague, it seems, did not have any problems with apache 1.x

the error that u have indicated does not suggest that you got an access denied request

there is some problem with mysql entries

what do u get for

service httpd restart

does it go fine if u do that for 2-3 times
do u get service failure ??

also there is a snort config manaul for centOS,so it will work for redhat too
lookout for that from the snort website

regards

service httpd restart gives
Error file tail is..
The problem is not specific to snort/ACID.. I had faced the same problem while doing it for normal web-pages. Last time was for a personal purpose. But this time I really need an authenticated user to view the ACID page in my organisation.