Re: how to generate htpasswd non-interactively

At 11:42 PM 8/12/00 -0400, Rich Bowen wrote:
>"Kevin A. Jackson" wrote:
> >
> > This list is the greatest source of support as we fight our way through
> > configuring our first server.
> >
> > I have a great question, in two parts.
> >
> > - There are 1500+ users, and more will be added, although not more than a
> > few hundred as it is a relatively small regional association.
>...
>
>Although I don't think I'm directly answering your question, I would
>hazard to say that authenticating this many users via htpasswd, as you
>suggest, is doomed to failure. I find that with much more than 200 or
>300 users, the files generated by htpasswd become so cumbersome that
>Apache will often just fail to find users. Folks at the bottom of the
>file will be denied access, even though they know that they are typing
>the password correctly.
--

Thanks for your response, Rich, I persisted in my folly, and it seems to be 
working OK at this point, even bringing up users from the very bottom of 
the list.

The solution that we worked up was to write a PHP script which parsed the 
database, pulling out username/password combinations, encrypting the 
password and writing it to a password file in the same format as htpasswd. 
So every time the database of users is changed, we just re-run the PHP 
script and generate a new password file. The specific syntax to achieve the 
encryption I found in a script called crypt.cgi, and we re-used that for 
our PHP script.

Cheers and thanks again.
Kevin Jackson

--
Biz-Zone Internet Group
We build web stuff for business
http://www.biz-zone.com/ - Mailto:kevin(at)biz-zone.com
Phone: (905)888-0002 - Fax: (905)888-0001

HWG: hwg-servers mailing list archives, maintained by Webmasters @ IWA