Configure auth_basic with Nginx and Passenger

dubstep · August 12, 2011, 10:18am

I’m trying to set up a basic authentication with Nginx.

My server configuration look like that:

server {
  listen 80;
  server_name DOMAIN;
  root /var/www/web-front-dev/current/public;
  error_log /var/log/nginx/web-front-dev-error.log;
  access_log /var/log/nginx/web-front-dev-access.log;
  passenger_enabled on;
  client_max_body_size 100M;

  location / {
    passenger_enabled on;

    auth_basic "Restricted";
    auth_basic_user_file

/var/www/web-front-dev/shared/simple_authentication_user_file;
}
}

The content of simple_authentication_user_file is simply:
a:b

After having restarted everything, I keep having an error while trying
to logging to my domain (I checked that I enter ‘b’ correctly hmm hmm):

2011/08/10 16:10:13 [error] 26768#0: *1 user "a": password mismatch,

client: IP, server: DOMAIN, request: “GET / HTTP/1.1”, host: “DOMAIN”

I even put a chmod 777 to simple_authentication_user_file to see if it
could be a problem without any success.

Could anyone suggest me something to check?

Posted at Nginx Forum:

vincentp · August 12, 2011, 11:17am

Hello!

On Fri, Aug 12, 2011 at 04:18:12AM -0400, vincentp wrote:

I’m trying to set up a basic authentication with Nginx.

My server configuration look like that:

[…]

The content of simple_authentication_user_file is simply:
a:b

If you want to use plain text passwords, use

a:{PLAIN}b

instead (works in nginx 1.0.3+).

By default passwords are expected to be encrypted by crypt(3), see
[1]. The only exception is Windows version where is no crypt()
and passwords are treated as plain text by default (you may want
to use $apr1$ aka Apache md5 passwords on Windows as supported in
1.0.3+ for maximum security).

[1] Module ngx_http_auth_basic_module

Maxim D.

vincentp · August 12, 2011, 6:04pm

Thanks for your answer!

I haven’t read the small caracteres at the bottom of the page properly

Vincent

Posted at Nginx Forum: