Question

I've followed the instructions to install TWiki on a remote web server, to which I have only FTP access (no shell). Everything has worked alright, except authentication fails with any user no matter how I set it up.

If I edit the .htpasswd file, using entries generated variously by dirpass.cgi (which works with basic authentication in other folders on this webserver) or with htpasswd.exe on my Windows computer, using variously "crypt", "md5", and "plain" encryption, and modifying TWiki.cfg accordingly, authentication fails.

In other words, I click on any Edit link, the authentication dialog pops up, but it invariably rejects my username and password, and pops up again, until I cancel it. Even when .htpasswd and TWiki.cfg are set up for "plain" encryption!

In the Apache error log, the only thing that showed up was a complaint about "permission denied" from writing "/home/marc/www/twiki/data/log200412.txt"; when I set the "data" directory to chmod 777 (rather than 775), it stopped complaining and the Apache error log no longer shows anything after failed authentication.

I also set up registration, according to the instructions (including the whole TwikiRegistrationPub->TwikiRegistration thing), and if I register, it seems to work and I get the confirmation email, but login still fails, and moreover, .htpasswd is not updated (though its permissions are 666).

Testenv - both the version included with the Sep02 release, and the latest CVS version - doesn't show any errors, at least not that I recognize. You can see for yourself at http://unironicm.us/twiki/bin/testenv. Feel free to try to register/login yourself if you like. (I disabled TWikiGuest, though.)

I'm out of ideas - help, anyone? I'll be happy to post anything that's needed.

Environment

-- MarcusMacauley - 24 Dec 2004

Answer

I figured it out. Turns out it was a combination of problems, so when I tried one thing, that didn't fix it, but after I fixed the other thing, the problem was solved.

First, the htpasswd:plain encryption format apparently wasn't working - I don't know why. The .htpassword file was in the form MyUserName:mypassword, and TWiki.cfg had $htpasswdEncoding set to "plain".

Not knowing that, I followed instructions from my administrator that the server required a "pam_auth" setting in bin/.htaccess. (Specifically, the required setting turned out to be:

AuthPAM_Enabled off

So I added that line to bin/.htaccess. When logging in still failed, I restored the original .htpasswd file (i.e.: TWikiGuest:zK.G.uuPi39Qg) and set $htpasswdEncoding in TWiki.cfg back to "crypt". (I.e. if Windows then "sha1", else "crypt".) Then, once I figured out that TWikiGuest contained a capital W, that log-in worked, and upon restoring a "crypt" version of my own username/password (generated by htpasswd.exe on my Windows computer) to the .htpasswd file, and that worked to. (I had to switch browsers to log in as a different user; I haven't yet figured out how to log out.)

So, in summary:

Following all the instructions would have worked, except that my host's server (Coastland Tech) required the following line be added to bin/.htpasswd:

AuthPAM_Enabled off

-- MarcusMacauley - 26 Dec 2004

P.S. How do I refile this in AnsweredQuestions?

Good point. It is not obvious that you'd need to edit the page before classifying it - TWiki would be better if Support Status was a dropdown that was always in edit mode...

-- MartinCleaver - 26 Dec 2004