hcarsten / google-authenticator-apache-module Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/google-authenticator-apache-module
Automatically exported from code.google.com/p/google-authenticator-apache-module
I've built the most recent revision: r10. However, I cannot seem to get this to
work, and looking at the error log it says Secret Key is "(null)". Here is my
auth file:
NNJITK6UBX4EEKHH
" TOTP_AUTH
50039494
27219159
58297638
85255199
44013977
Here is the output:
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] **** COOKIE AUTH at
T=1365130268
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] **** PW AUTH at
T=1365130268 user "ryan"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Secret Key is "(null)"
@ T=45504342
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "540324" vs. "16740"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "416549" vs. "16740"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "463812" vs. "16740"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "759680" vs. "16740"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "978939" vs. "16740"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] Validating for
"016740" Shared Key "(null)"
[Fri Apr 05 02:51:08 2013] [error] [client 192.168.1.1] user ryan:
authentication failure for "/phpmyadmin/": Password Mismatch
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] **** COOKIE AUTH at
T=1365130283
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] **** PW AUTH at
T=1365130283 user "ryan"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Secret Key is "(null)"
@ T=45504342
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "540324" vs. "379161"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "416549" vs. "379161"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "463812" vs. "379161"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "759680" vs. "379161"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Checking codes @
T=45504342 "978939" vs. "379161"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] Validating for
"379161" Shared Key "(null)"
[Fri Apr 05 02:51:23 2013] [error] [client 192.168.1.1] user ryan:
authentication failure for "/phpmyadmin/": Password Mismatch
I've been trying for the past couple hours now, and try to tweak the underlying
code (I was able to hardcode the key as char *sharedKey=NNJITK6UBX4EEKHH;
instead of NULL in ga_check_password), but as I'm not too familiar with C I was
limited to what I could do.
I made a new auth file and scanned the code with a QR reader, so I know the
settings on the phone are correct
Original issue reported on code.google.com by [email protected]
on 5 Apr 2013 at 2:52
Need to support use of scratch codes, and invalidation of codes after use
Original issue reported on code.google.com by [email protected]
on 5 May 2011 at 5:18
What steps will reproduce the problem?
We have setup a Apache HTTPD reverse proxy with google-authenticator 2 factor
authentication. We use the reverse proxy as a single point of access to several
web applications under different subdomains. Currently there is no option to
set the domain for the authentication cookie, it will use the default which is
the host from the request. This means when the user authenticates with webapp1
the cookie's domain will be webapp1.example.com. And when the user accesses
webapp2 he'll need to re-authenticate. To avoid this we'd like to set the
domain for the cookie to be example.com and this way the browser would send the
cookie along with all requests to all of the webapps hosted in subdomains.
What is the expected output? What do you see instead?
I expect to have an option that allows to set the domain for the cookie.
What version of the product are you using? On what operating system?
Version: trunk, revision 22. OS: Ubuntu 14.04
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 5 Feb 2015 at 7:13
Apache allows passwords to be stored different ways - .htaccess file, database,
LDAP, etc.
Our static passwords should do the same, as well as other things we store
(codes).
Original issue reported on code.google.com by [email protected]
on 10 May 2013 at 3:30
What steps will reproduce the problem?
I have installed the google-authenticator-apache-module following the online
instructions.
When I try to log in the verification process fails because the module is
failing passing the user name on file.
This is the error message from apache log:
**** PW AUTH at T=******** user "root"
(2)No such file or directory: check_password: Could not open password file:
/etc/httpd/ga_auth/(null)
user root: authentication failure for "/admin/code/tce_edit_objects.php":
Password Mismatch
instead of passing the user name is passing "(null)"!
I have temporarily fixed the problem by creating a file named "(null)" that
works with any filename.
I'm using Scientific Linux 6.1 with Apache 2.2.15 and
google-authenticator-apache-module GoogleAuthBinary_v01.bz2
Original issue reported on code.google.com by [email protected]
on 6 Dec 2011 at 10:24
What steps will reproduce the problem?
1. Specify the location of the user authentication file in the apache
configuration file as specified in the documentation for GoogleAuthUserPath to
something like: /var/lib/www/ga_auth
2. Create a user file such as "[email protected]" in an incorrect
directory such as /var/lib/www. So that it is
/var/lib/www/[email protected].
3. At the Apache web authentication prompt, put as the username as
../[email protected]
4. Enter the expected password and code in the password field.
What is the expected output? What do you see instead?
Expected response from the web server is to deny access and ignore the parent
path specifier in the username, as no file of [email protected] exists
in /var/lib/www/ga_auth as specified in GoogleAuthUserPath. However, login is
successful and the file outside the specified GoogleAuthUserPath is read and
accepted anyways.
What version of the product are you using? On what operating system?
R21 on CentOS 6.4 with Apache 2.2.15.
Original issue reported on code.google.com by [email protected]
on 10 Oct 2013 at 4:43
Hi,
After loading module in apache and apache2 reload i have the following :
apache2: Syntax error on line 145 of /etc/apache2/apache2.conf: Cannot load
/etc/apache2/modules/mod_authn_google.so into server:
/etc/apache2/modules/mod_authn_google.so: wrong ELF class: ELFCLASS64
I am on ubuntu server 10.04 any idear?
Regards
Original issue reported on code.google.com by [email protected]
on 18 May 2011 at 11:23
Luckyjcell mentioned this in Issue #3, I am adding it as a separate bug.
There is a bug in the cookie parser, which makes it so that if the google_authn
cookie is not the *first* token in the cookie string, it is not recognized.
This will result in authentication not working when cookies are used on the
page/site.
I have a fix ready and in testing - to be released soon.
Original issue reported on code.google.com by [email protected]
on 22 Mar 2013 at 1:51
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.