nginx 和 auth_basic

发布于 2024-08-17 09:42:31 字数 494 浏览 6 评论 0原文

我正在尝试在 Ubuntu Jaunty 中使用 nginx 进行基本身份验证。在 nginx.conf 中,我在服务器上下文下添加了这两行:

server {
   ...
   auth_basic "Restricted Access";
   auth_basic_user_file /etc/nginx/.htpasswd;
   ...
}

然后我 apt-get'ed apache2-utils 来获取 htpasswd,我用它来创建 htpasswd 文件:

htpasswd -d -c /etc/nginx/.htpasswd joe

当我尝试访问该站点时,出现身份验证对话框按预期进行,但是当我输入用户名和密码时,它只是刷新了对话框。它似乎不喜欢我提供的密码。我尝试使用和不使用 -d 选项运行 htpasswd ,但仍然没有运气。它拒绝进行身份验证。有什么想法我做错了吗?

任何帮助将不胜感激。

I am trying to get basic authentication working with nginx in Ubuntu Jaunty. In nginx.conf, I added these two lines under the server context:

server {
   ...
   auth_basic "Restricted Access";
   auth_basic_user_file /etc/nginx/.htpasswd;
   ...
}

Then I apt-get'ed apache2-utils to get htpasswd, which I used to create the htpasswd file:

htpasswd -d -c /etc/nginx/.htpasswd joe

When I try to access the site, the authentication dialog comes up as expected, but when I put in the username and password, it just refreshed the dialog box. It doesn't seem to like the password I am providing it. I tried running htpasswd both with and without the -d option, but still no luck. It refused to authenticate. Any ideas what I'm doing wrong?

Any help would be appreciated.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

娇柔作态 2024-08-24 09:42:31

我要检查的事情:

  • `/etc/nginx/.htpasswd` 上的权限 - 运行 nginx 的帐户可以读取该文件吗?您可以暂时尝试使用“chmod 644”来确保每个人都可以阅读它。如果有效,那么您可以整理出适当的“chown”和“chmod”设置组合,以便 nginx 和您/root 可以读取它,但其他用户不能(出于安全考虑)。
  • 确保“htpasswd”以正确的形式生成哈希值;它通常约为 13 个字母数字字符(例如“用户名:wu.miGq/e3nro”)。该命令也可以生成 MD5 哈希值,看起来更像是 `username:$apr1$hzB2K...$b87zlCYMKufOxn9ol5QV4/` 这些不适用于 nginx。
  • 研究增加 nginx 的调试输出并检查错误日志以获取线索。

Things I would check:

  • Permissions on `/etc/nginx/.htpasswd` - Can the file be read by the account running nginx? You could try, temporarily, using `chmod 644` to make sure everyone can read it. If that works, then you can sort out an appropriate combination of `chown` and `chmod` settings so that nginx and you/root can read it but other users cannot (for security).
  • Ensure that `htpasswd` is generating the hash in the right form; it's usually about 13 alphanumeric characters (for example `username:wu.miGq/e3nro`). The command CAN generate MD5 hashes too which would look more like `username:$apr1$hzB2K...$b87zlCYMKufOxn9ol5QV4/` these don't work with nginx.
  • Look into increasing the debug output of nginx and check the error logs for clues.
清引 2024-08-24 09:42:31

旧线程,但没有答案,并且在谷歌上得到了很好的引用。

如果您收到此错误并尝试了其他建议,请检查 .htpasswd 文件的父文件夹的权限:nginx 用户(默认为 www-data)应该已读取并执行 权限(这为我解决了这个问题)。

Old thread, but no answer, and well referenced on Google.

If you get this error and have tried the other suggestions, check the permissions of the parent folder of your .htpasswd file: the nginx user (www-data by default) should have read and execute permissions (this fixed it for me).

左秋 2024-08-24 09:42:31

我在 bash 上遇到的另一个问题。我没有通过提示输入密码,而是使用 htpasswd-b 选项来内联输入密码。

$ htpasswd -nb admin test123$secure

我不明白为什么我不断遇到密码不匹配错误,尝试不同的加密算法。我用curl验证了它的工作原理:

$ curl -u admin:test123$secure https://example.com

最后,问题通过echo暴露出来,

$ echo test123$secure
test123

我犯了在bash中使用美元符号($)的错误,它被解释为空变量,从而省略其他所有内容。可以通过删除 -b 选项并仅使用提示输入密码来避免这种情况。

Another gotcha I ran into on bash. Instead of entering my password via prompt I used the -b option of htpasswd to enter the password in-line.

$ htpasswd -nb admin test123$secure

I couldn't understand why my I kept on running into password mismatch errors, trying different encryption algorithms. I verified with curl that it worked:

$ curl -u admin:test123$secure https://example.com

Finally, the problem reveiled itself through echo

$ echo test123$secure
test123

I made the mistake of using a dolar sign ($) in bash which was interpreted as an empty variable, thus omitting everything else. This can be avoided by dropping the -b option and just using the prompt to enter the password.

薄暮涼年 2024-08-24 09:42:31

nginx 将 401 响应识别为注销,请确保您的网站不会返回 401 并再次重定向,否则它将陷入登录时的无限登录循环 ->第401章登出->重定向到同一页面 ->重复

nginx recognize 401 response as logout, make sure your site is not returning 401 and redirecting again, it will fall into infinite login loop as logged in -> 401 -> logged out -> redirect to same page -> repeat

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文