- This topic has 5 replies, 2 voices, and was last updated 11 years, 5 months ago by
.
-
Posts
-
Posting in case anyone on here is considering using lighttpd.
Ensure you have a user (configured under ‘Settings’ ‘User Access Control’) before installing lighttpd.
Most people will already have a user, but if not, it seems the latest set up requires a user to login to the web server (which is fair enough). But if there’s no user in place you can’t access the lighttpd on the HDR in order to set one up.
It is possible to work round, but wasn’t immediately obvious (to me anyway).
lighttpd does not require a user to be set up. Where did you get that impression from ? If a user is already set up then it will be maintained but it’s certainly not a pre-requisite.
Perhaps just me then… I’ve never had a user/password for http on the HDR.
After installing lighttpd this morning, then trying to browse, a username and password window popped up. Pressing ok without entering anything gave a 401.
User Access Control on the mongoose server depended on two things. Firstly, it needed the presence of user/password file /opt/etc/.htpasswd, and secondly ir required two additional entries in the mongoose configuration file /opt/etc/mongoose.conf
These are :
authentication_domain Foxsat-HDR
global_passwords_file /opt/etc/.htpasswd
Without these additional entries mongoose would not prompt for a username and password, even if the .htpasswd file existed.
All that the lighttpd server requires is the existence of the .htpasswd file to enable UAC. I suspect that was what happened in your case, although I’m at a loss to explain how that situation could arise considering you have never set a password.
The 401 error is the standard ‘Unauthorized’ error you get when entering empty user name or password fields.
Anyway, if you still want unrestricted access to your HDR then you can either remove the user you created via the Settings page, or simply delete the /opt/etc/.htpasswd file. Either way you will need to restart to pick up the changes.
Thanks for the advice. I’ll leave the accounts in place.
mongoose.conf doesn’t have the user access control lines in it, but there is a .htpasswd file. This contains the credentials for the new accounts set up after installing lighttpd and getting round the initial problem of being locked out by not knowing the user/password it was asking for.
Possible explanation for my case:- If someone had set up a user access control under mongoose and then deleted it and essentially forgotten it, mongoose may have left the .htpasswd file in place. This would be ignored by mongoose but would be inherited by the new server which would begin by asking for the credentials for the forgotten mongoose account.
That would mean I was wrong implying there’d never been an account set up under mongoose.
Possibly a corner case – my apologies for any time wasted.
- You must be logged in to reply to this topic.