cPanel/WHM uses problematic non-standard login authentication?

JinGu

Hi,

Like many people, I use Roboform software to fill in username and password forms. My Roboform is securely storing logins for over 500 sites, so there's no way I'm going back to manually filling in forms! Unfortunately, the software has a problem with WHM/cPanel, and since I haven't experienced a problem with any of the other 500 logins that I'm storing, it leads me to guess there is something unusual about the way that WHM/cPanel is creating the login popup...

When you first enter your username/password into a new login form (or Basic Authentication popup as is the case with WHM/cPanel), Roboform asks if you want to store those details, and when you access that same page in the future it will auto-fill those details for you. Roboform has no problem storing these details with WHM/cPanel, it works great. BUT if you go to the same page and enter DIFFERENT username/password details (eg. you have multiple cPanel accounts on the same server) then Roboform stores a second set of login details. On most sites, if you access a login page and Roboform is storing more than one login then it asks which login it should use to fill the form. However with WHM/cPanel the 'select login' box doesn't appear - so there is no way to select the second set of login details. Roboform has no trouble auto-filling the details from the first login stored, but since the 'select login' box is somehow being blocked or stopped by the WHM/cPanel login popup, there is no way to select the other logins you've stored (eg. your other cPanel account logins for the same server). I have contacted the Roboform support team but they haven't been able to diagnose the problem - they have pointed out that their system usually works fine with Basic Authentication popups as used by WHM/cPanel, the Roboform 'select login' box usually appears without a problem.

So, I am wondering if anyone knows how the login method used by WHM/cPanel is different than regular Basic Authentication logins? Does anybody know a workaround? Any ideas at all? :)

I do have one workaround, that is to press 'Cancel' on WHM/cPanel's login popup, which redirects to a web form, which works fine with Roboform. There are 2 problems with that workaround, the first is that you always need to Cancel the first login (unauthorized accesses are logged) and the second problem is the bug in the Stable and Release versions of cPanel that is sometimes preventing access via the web form - this is fixed in the Current version, but it would still be much better not to have to use the web form.

Thanks,
Leo
 

globule

Auto login in this way works fine for me. I use Konqueror browser on KDE/Linux which stores my cPanel/WHM login information along with login details for other sites securely in KDE's KWallet, in much the same way as Roboform.

You could try using the LiveHeaders extension for Firefox to look at the headers being sent to and from the server. Compare the headers with another site that works fine and see if there are any major differences.
 

JinGu

Thanks, I checked the headers from a standard Basic Auth login, and from the WHM/cPanel Basic Auth login, and they appear the same... No clues unfortunately.

Anybody else have any ideas to figure out how WHM/cPanel's implementation of Basic Auth is somehow different than usual?
 

JinGu

Good News! I sent the Roboform support team some test cPanel logins, and they figured out the problem - it's fixed in the upcoming Roboform v6.7.9 (should be public soon, I've tested the pre-release and it's working).