Error "Password Mismatch" whilst Configuring Apache 2 on XP pro

Hello guru's, i've got a XP problem, configured my linux system right
the other day but it seems my password file has a problem. I'm quite
sure i'm finding the .htpasswd file, as i'm getting the user correct,
however the "Password Mismatch" in the error log seems to mean the
password encoding may not be working right (could be wong)

[Sun May 07 11:43:46 2006] [error] [client 127.0.0.1]
user rupert: authentication failure for "/secure/hello.html": Password
Mismatch

my httpd.conf file is;
#--------------------------------------

DocumentRoot "C:/Program Files/Apache Group/Apache2/htdocs"

AccessFileName ".htaccess"

<Directory "/">
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "C:/Program Files/Apache Group/Apache2/htdocs">
Options Order Allow,Deny
Allow from All
AllowOverride All
</Directory>
#---------------------------------------------

and the sub directory i'm trying to secure is;
C:/Program Files/Apache Group/Apache2/htdocs/secure/

and contains;
hello.html .htaccess .htpasswd

the .htaccess file contains;
AuthUserFile "htdocs/secure/.htpasswd"
AuthName "Ruperts place"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>

and after running "htpasswd -c .htpasswd rupert" whilst within the
directory
I want to protect I do get my .htpasswd file sitting there within my
/secure/ directory
with the contents of;
rupert:rTGbkj98PfvqE

Does it have something to do with MD5 on windows and the Digest option
instead of Basic within the httpd.conf file?

whoops embarrasing...

rupert@web-ideas.com.au wrote:
> AuthUserFile "htdocs/secure/.htpasswd"

That's wrong. It must be an absolute filepath - "C:/Program Files/Apache
Group/Apache2/htdocs/secure/.htpasswd"

But why are you using .htaccess files?
It could go directly into a
<Directory "C:/Program Files/Apache Group/Apache2/htdocs/secure"> container

> <Limit GET POST>

So other methods are unprotected?

--
Robert

rupert@web-ideas.com.au wrote:
> with the contents of;
> rupert:rTGbkj98PfvqE

BTW: Sometimes only plan passwords are working on windows like

rupert:test

--
Robert

must it? The path seems to be working okay as it uses the alias
/htdocs/ to get the c:/*/htdocs path.

iro passwords, does that mean I need to manually type out the password
for the user into the .htpasswd file. And forget using the encrypted
password that Apache2 can generate with "htpasswd".

rupert@web-ideas.com.au wrote:
> must it?

Ok, looks like ServerRoot relative is also permitted.

> The path seems to be working okay as it uses the alias
> /htdocs/ to get the c:/*/htdocs path.

It can't use an alias, because this is not on the URI level,
AuthUserFile expects a file-path.

> iro passwords, does that mean I need to manually type out the password
> for the user into the .htpasswd file. And forget using the encrypted
> password that Apache2 can generate with "htpasswd".

Sometimes on windows systems, yes. It looks like something is failing
somewhere (I guess in apr).

--
Robert

<rupert@web-ideas.com.au> schreef in bericht
news:1146996439.325013.249040@i39g2000cwa.googlegr oups.com...
> iro passwords, does that mean I need to manually type out the password
> for the user into the .htpasswd file. And forget using the encrypted
> password that Apache2 can generate with "htpasswd".
>
http://httpd.apache.org/docs/2.0/programs/htpasswd.html
on ao windows MD5 is used where crypt is the default on *nix

On windows Apache cann't read crypt-ed passwords, on *nix plaintext is not
excepted.
In between the lines it seems -to me- either platform will except MD5.

HansH