摘要式身份验证拒绝接受有效凭据
我正在尝试通过 .htaccess 文件使用摘要式身份验证来保护文件夹:
AuthType Digest
AuthName "Restricted Area"
AuthUserFile /web/htdocs/www.domain.com/.../.htdigest
Require valid-user
我已使用命令“htdigest”创建了密码文件。 在我的本地服务器上一切正常......但在我的远程服务器(托管网站)上却不行! 即使我输入正确的密码,浏览器也会显示登录面板!
在远程服务器上,PHP 作为 CGI 运行,而不是作为 Apache 的模块运行...应该是这个原因吗?有一些解决方法吗?
使用 .htaccess 的基本身份验证在同一远程服务器上运行良好!
I'm trying to protect a folder with Digest Authentication through a .htaccess file:
AuthType Digest
AuthName "Restricted Area"
AuthUserFile /web/htdocs/www.domain.com/.../.htdigest
Require valid-user
I've created the file of passwords with the comand "htdigest".
All works fine on my local server ... but not on my remote server (hosted website)!
The browser shows the login panel even if I enter a correct password!
On the remote server PHP is running as CGI not as a module of Apache ... should be this the cause? Is there some workaround?
A Basic Authentication with .htaccess works fine on the same remote server!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果脚本作为 CGI 运行,则意味着它作为本地用户运行,而不是作为 www 运行,这可能是问题所在,是的。 CGI 是唯一的选择吗?
If the script is running as CGI, that means it is running as the local user, not as www, which is probably the problem, yes. Is CGI the only option?
上面的代码缺少 AuthDigestDomain 指令,关于该文档 说:
不过,我确实通过启用 Apache 模块
mod_auth_digest而不是模块mod_digest解决了这个问题。The code above is missing the AuthDigestDomain directive, about that the documentation says:
However, I've definitely solved the problem by enabling the Apache module
mod_auth_digestinstead of the modulemod_digest.