nginx 和 auth_basic
我正在尝试在 Ubuntu Jaunty 中使用 nginx 进行基本身份验证。在 nginx.conf 中,我在服务器上下文下添加了这两行:
server {
...
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
...
}
然后我 apt-get'ed apache2-utils 来获取 htpasswd,我用它来创建 htpasswd 文件:
htpasswd -d -c /etc/nginx/.htpasswd joe
当我尝试访问该站点时,出现身份验证对话框按预期进行,但是当我输入用户名和密码时,它只是刷新了对话框。它似乎不喜欢我提供的密码。我尝试使用和不使用 -d 选项运行 htpasswd ,但仍然没有运气。它拒绝进行身份验证。有什么想法我做错了吗?
任何帮助将不胜感激。
I am trying to get basic authentication working with nginx in Ubuntu Jaunty. In nginx.conf, I added these two lines under the server context:
server {
...
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
...
}
Then I apt-get'ed apache2-utils to get htpasswd, which I used to create the htpasswd file:
htpasswd -d -c /etc/nginx/.htpasswd joe
When I try to access the site, the authentication dialog comes up as expected, but when I put in the username and password, it just refreshed the dialog box. It doesn't seem to like the password I am providing it. I tried running htpasswd both with and without the -d option, but still no luck. It refused to authenticate. Any ideas what I'm doing wrong?
Any help would be appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我要检查的事情:
Things I would check:
旧线程,但没有答案,并且在谷歌上得到了很好的引用。
如果您收到此错误并尝试了其他建议,请检查 .htpasswd 文件的父文件夹的权限:nginx 用户(默认为 www-data)应该已读取并执行 权限(这为我解决了这个问题)。
Old thread, but no answer, and well referenced on Google.
If you get this error and have tried the other suggestions, check the permissions of the parent folder of your .htpasswd file: the nginx user (www-data by default) should have read and execute permissions (this fixed it for me).
我在 bash 上遇到的另一个问题。我没有通过提示输入密码,而是使用
htpasswd的-b选项来内联输入密码。我不明白为什么我不断遇到密码不匹配错误,尝试不同的加密算法。我用curl验证了它的工作原理:
最后,问题通过
echo暴露出来,我犯了在bash中使用美元符号($)的错误,它被解释为空变量,从而省略其他所有内容。可以通过删除
-b选项并仅使用提示输入密码来避免这种情况。Another gotcha I ran into on bash. Instead of entering my password via prompt I used the
-boption ofhtpasswdto enter the password in-line.I couldn't understand why my I kept on running into password mismatch errors, trying different encryption algorithms. I verified with curl that it worked:
Finally, the problem reveiled itself through
echoI made the mistake of using a dolar sign ($) in bash which was interpreted as an empty variable, thus omitting everything else. This can be avoided by dropping the
-boption and just using the prompt to enter the password.nginx 将 401 响应识别为注销,请确保您的网站不会返回 401 并再次重定向,否则它将陷入登录时的无限登录循环 ->第401章登出->重定向到同一页面 ->重复
nginx recognize 401 response as logout, make sure your site is not returning 401 and redirecting again, it will fall into infinite login loop as logged in -> 401 -> logged out -> redirect to same page -> repeat