Bug 33177 - authenticate problem
Summary: authenticate problem
Status: CLOSED INVALID
Alias: None
Product: Apache httpd-1.3
Classification: Unclassified
Component: Auth/Access (show other bugs)
Version: HEAD
Hardware: PC Linux
: P2 major (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-01-20 11:15 UTC by JinrongYe
Modified: 2005-01-20 19:03 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description JinrongYe 2005-01-20 11:15:38 UTC 
when i configure my apache(version 1.3.27 and 1.3.33) for limiting someone to
access the special directory,my configure is:
    AuthType Basic
    AuthName darkness
    AuthUserFile /path/to/authdb
    require valid-user
and i create user "/path/to/apache/bin/htpasswd -c /path/to/authdb yejr",i enter
the password "yejrhome".but i can access the directory if i enter the password
that begin of "yejrhome",such as "yejrhomexx",i also can access it.
Comment 1 Joshua Slive 2005-01-20 18:12:29 UTC 
This is a feature of the crypt library on your system: in only looks at the
first 8 characters of the password.  To avoid it, use the -m option to htpasswd
to create md5 passwords.
Comment 2 JinrongYe 2005-01-21 04:03:01 UTC 
thanks much