.htaccess question - GoFuckYourself.com

JDog · 06-16-2003, 01:20 PM

Is it possible to list multiple .htpasswd files in a .htaccess, kindof like:

AuthType Basic
AuthName Members
AuthDBMUserFile /usr/local/htpasswd.db
AuthDBMUserFile /usr/local/testing.db
AuthGroupFile /dev/null
require valid-user

Would anybody know this?

jDoG

funkmaster · 06-16-2003, 01:25 PM

well, you do actually have only one .htpasswd file, but more than just one user in it. this way you wouldn´t have to link it to a database.

... but I have no idea if you could actually link it to a database ...

4Pics · 06-16-2003, 01:25 PM

I dont believe you can do that.

But you can use a custom solution with mysql to accomplish what you want.

Jeffery · 06-16-2003, 01:27 PM

No, you can't, but there are tools that will combine two htpasswd files. Look around for that. Try cgi-resources.com

Stramm · 06-16-2003, 01:29 PM

there's an apache mod for that.. it's free and called mod_auth

do a search for it

vending_machine · 06-16-2003, 01:44 PM

Quote:

Originally posted by Stramm
there's an apache mod for that.. it's free and called mod_auth

do a search for it

Did you even read his question... ?

JDog; No, you cannot have two different password databases for one directory. If you can, try to merge the two instead, or look at using mod_auth_mysql and doing some trickery with that instead.

NetRodent · 06-16-2003, 01:47 PM

Quote:

Originally posted by vending_machine

Did you even read his question... ?

JDog; No, you cannot have two different password databases for one directory. If you can, try to merge the two instead, or look at using mod_auth_mysql and doing some trickery with that instead.

Actually there is an apache mod (written by someone from here I think) that will allow multiple .htpasswd files.

JDog · 06-16-2003, 01:54 PM

Thanks for the reply's a couple understood it others didn't. I'm not using .htpasswd where the password file looks like:

user:encyptedpassword

I'm using DBM files which is using the mod_dbmauth (or whatever the exact module is). What I'm trying to figure out is if there is a way that I could look into one password file for a username/password and if it isn't in that one, look to see if the username/password is valid in the second one, and the same for the third.

This is why I'm doing this, I'm setting up three processors with MPA2. And I dont' want the processors to overwrite usernames!

jDoG

vending_machine · 06-16-2003, 01:59 PM

Quote:

Originally posted by JDog
Thanks for the reply's a couple understood it others didn't. I'm not using .htpasswd where the password file looks like:

user:encyptedpassword

I'm using DBM files which is using the mod_dbmauth (or whatever the exact module is). What I'm trying to figure out is if there is a way that I could look into one password file for a username/password and if it isn't in that one, look to see if the username/password is valid in the second one, and the same for the third.

This is why I'm doing this, I'm setting up three processors with MPA2. And I dont' want the processors to overwrite usernames!

jDoG

The way this is done in 99% of the cases is just to merge the password files every 5 or so minutes. Unless you want to spend time creating a cusomized solution, the merging option is by far the easiest and cheapest way to go.

All the different processors should assign unique random usernames in order to not create collisions. Having multiple identical usernames for the same site is a bad bad idea.

fiveyes · 06-16-2003, 02:19 PM

http://forums.devshed.com/archive/15/2002/05/1/35020

Whenever I find myself considering a concept that can't be implemented, I realize it's time to go back and look at why I wanted to do it in the first place. Without fail, I've always realized I was looking for a solution to the wrong problem.

In your specific case, you just need file locking, where only one process can update the .htpasswd file at a time. Anything else is going to cause you more headaches than you realize.

06-16-2003, 01:20 PM	#1
JDog Confirmed User Join Date: Feb 2003 Location: Canby, OR Posts: 7,453	.htaccess question Is it possible to list multiple .htpasswd files in a .htaccess, kindof like: AuthType Basic AuthName Members AuthDBMUserFile /usr/local/htpasswd.db AuthDBMUserFile /usr/local/testing.db AuthGroupFile /dev/null require valid-user Would anybody know this? jDoG __________________ NSCash now powering ReelProfits.com ALSO FEATURING: NSCash.com :: SoloDollars.com :: ReelProfits.com :: BiminiBucks.com :: VOD PROGRAMS COMING SOON: Greedy Bucks :: Vengeance Cash NOW OFFERING OVER 60 SITES CONTACT :: JAMES SMITH :: CHIEF TECHNOLOGY OFFICER :: ICQ (711385133)

06-16-2003, 01:27 PM	#4
Jeffery Confirmed User Join Date: Nov 2002 Location: Awgtrade Posts: 485	No, you can't, but there are tools that will combine two htpasswd files. Look around for that. Try cgi-resources.com __________________ icq: 20427689 AWGTrade - Free C-coded traffic management system

06-16-2003, 01:54 PM	#8
JDog Confirmed User Join Date: Feb 2003 Location: Canby, OR Posts: 7,453	Thanks for the reply's a couple understood it others didn't. I'm not using .htpasswd where the password file looks like: user:encyptedpassword I'm using DBM files which is using the mod_dbmauth (or whatever the exact module is). What I'm trying to figure out is if there is a way that I could look into one password file for a username/password and if it isn't in that one, look to see if the username/password is valid in the second one, and the same for the third. This is why I'm doing this, I'm setting up three processors with MPA2. And I dont' want the processors to overwrite usernames! jDoG __________________ NSCash now powering ReelProfits.com ALSO FEATURING: NSCash.com :: SoloDollars.com :: ReelProfits.com :: BiminiBucks.com :: VOD PROGRAMS COMING SOON: Greedy Bucks :: Vengeance Cash NOW OFFERING OVER 60 SITES CONTACT :: JAMES SMITH :: CHIEF TECHNOLOGY OFFICER :: ICQ (711385133)

06-16-2003, 02:19 PM	#10
fiveyes Confirmed User Join Date: Aug 2001 Location: New Orleans Posts: 1,680	http://forums.devshed.com/archive/15/2002/05/1/35020 Whenever I find myself considering a concept that can't be implemented, I realize it's time to go back and look at why I wanted to do it in the first place. Without fail, I've always realized I was looking for a solution to the wrong problem. In your specific case, you just need file locking, where only one process can update the .htpasswd file at a time. Anything else is going to cause you more headaches than you realize. __________________ <CENTER><A HREF="http://www.hot-off-bourbon.com/" target="_blank"><IMG SRC="http://www.hot-off-bourbon.com/images/hob-logosmall.jpg" border="0"></A> <FONT face="Comic Sans MS" SIZE="-1"><I>Mardi Gras, Spring Break, Wet-T, Night Club Action, UpSkirt, Oil Wrestling, Voyeur</I></FONT></CENTER>

06-16-2003, 01:25 PM	#2
funkmaster So Fucking Banned Join Date: Sep 2001 Location: shell beach Posts: 7,938	well, you do actually have only one .htpasswd file, but more than just one user in it. this way you wouldn´t have to link it to a database. ... but I have no idea if you could actually link it to a database ...

06-16-2003, 01:25 PM	#3
4Pics Confirmed User Industry Role: Join Date: Dec 2001 Posts: 7,952	I dont believe you can do that. But you can use a custom solution with mysql to accomplish what you want.

06-16-2003, 01:29 PM	#5
Stramm Confirmed User Join Date: Jan 2003 Location: NL Posts: 342	there's an apache mod for that.. it's free and called mod_auth do a search for it