cgiauth locking out of admin

New Member Joined: Apr 29, 2007 Posts: 4

I have been trying for 3 days now to figure out why my login to admin will not take.
new install of RN2.10 and adminauth gives cgiauth is my only option and I have followed all steps in Howtoinstall. Have reviewed the forums for similar solutions. Reviewed the installation manual, installed and reinstalled ravennuke and still have same problem..htaccess is configured correctly, .staccess file generated with hash when I try to log into admin I get prompted for uname and password 3 times and then error message.
I am about to pull what little bit of hair I have left out LOL. could someone please help? Its probably a problem staring me right in the face, but I can't seem to correct it.

Posted: Mon Apr 30, 2007 6:03 am

1) Make sure you are giving it the same username / password that was used to create the hash and not the one you use for admin.php (your nuke admin user).

2) Make sure the patch to .staccess is correct in your .htaccess file. This HAS to be an absolute path (cannot be relative) and is not relative to the web root.

That is all I can think of at the moment.

Posted: Mon Apr 30, 2007 11:09 am

Montego,

Thanks for your reply. I have verified all that you mentioned and am still having the problem. Verified user name and password, absolute path to .stacess is set properly in the .htaccess file. Wondering if the encryption method is the problem.
If I change the .stacess file and place the actual unencrypted password in the file then I get both login screens (Nuke Sentinel and Admin),and all seems to work properly. Very strange, can not figure this out. I am not a seasoned "nuker" and any help would be appreciated. I am running xampp for set up of Apache,PHP, and MySql. Don't know if this could be part of problem. I am going to try on another machine and see if I get the same problem.
It's driving me crazy! Incidently, I am running on Windows.

Thanks,

Posted: Mon Apr 30, 2007 5:49 pm

Hhhhmmm... I've never tried getting CGIAuth working on my local XAMPP set up. I shall have to give that a try. Smile

Posted: Mon Apr 30, 2007 6:27 pm

Thanks Montego,

I'm still trying. This is a test machine and using local host to connect to Nuke.
I really believe my issue has to do with the crypt not being passed back to the login. When i edit the .staccess file and put my password in plain text I can log right in to sentinel and then am prompted to enter the admin password and can get right in. When I use the hash in .staccess I keep getting prompted for the user name and password till it goes to error, ussually after three attempts.
Any suggestions you could give would be greatly appreciated. I've been through the forums, sentinel guide, and all over the place trying to figure this out.
it's making me buggy!

Thanks

Posted: Thu May 03, 2007 7:05 pm

I'm not able to get it working locally either. You may need to just trust us on this one that this will work on a LAMP platform... I'll keep looking, but no guarantees as I am not 100% what I am looking for.

Posted: Thu May 03, 2007 8:38 pm

Thanks Montego!

I really appreciate your efforts. I am still trying too. Let me know if you come up with anything.

Thanks again!

New Member Joined: Apr 05, 2007 Posts: 18

I'm going to ask this here rather than start a new thread for it...... I've got the encrypted passwords in .staccess, and the correct code in .htaccess. I'm getting the correct pop-up asking for the password etc, and they work. However, I am slightly concerned that after reading this thread... the way I got it to finally work is by looking at the Admin Auth section in NukeSentinal panel, (which did show the passwords for admins as being set, but they were about 20 random characters)and setting those to the ACTUAL password to be entered. Can that possibly be correct? I guess what I'm saying is that right now from NukeSentinel Admin Auth List... I'm showing:

Admin: Name Auth Login: Name Auth Password: set Protected: Yes

All well and good. Now if I click Edit for any of my admins, I can see their actual password on the next screen. Is it supposed to be there?

Posted: Tue Jun 05, 2007 7:00 am

Yes, that is current behaviour. However, this really should have been a separate thread...

Posted: Wed Jun 06, 2007 4:01 pm

Much appreciated. Sorry.... didn't want to have too many threads on the same basic topic. Delete at your leisure. Embarassed

Posted: Thu Jun 21, 2007 7:10 am

priordan, my appologies, but I just not had time to look into this further and since we should never be using XAMPP in a production mode (even stated as such by them), I just don't see the point spending the time to figure it out. We know it works on a typical live production set up, so, hopefully that will be good enough.

New Member Joined: Dec 22, 2005 Posts: 13

/ignore me Razz

PEBKAC error ... two www's in the path ....

/hide

Tek

New Member Joined: May 18, 2007 Posts: 10

I've experienced a similar problem recently. It occurred after I tried to install another software package on my host's server. Since Sentinel kept blocking me from my new software, I uninstalled it. Both the install and uninstall were done via Fantastico.

After the last uninstall, I could no longer access any admin functions. I received the same three pop up login boxes as above and then a failed login. After looking at my error log, I found that I was missing the file/directory on the server where those admin passwords were stored for CGIAuth.

I eventually disabled CGIAuth and got back in. I still can't use CGIAuth because of the missing file/directory. So, if anyone can give me some assistance on restoring this file, it would be appreciated.