Authentication setup

[DevSecNinja]

Is this menu to authenticate with the NRF905 or is it for configuring the authentication? I think it's the latter. I also wonder if the setup screen should be accessible after the NRF905 is out of it's initial setup. Especially the authentication part of the setup. Otherwise the username and password can be easily changed by someone on the network.

[eelcohn]

Thanks for your reply, I now realize that this might be a bit confusing. This menu allows you to set a username and password so that you can only access the Arduino with that username and password. The config wizard is also available after the initial setup. What do you mean by the username and password can be easily changed by someone on the network.? I tried to design it in such a way that the only time you can change the username/password is when the Arduino is in access point mode (in the initial stage of the setup).

[DevSecNinja]

Thanks for your reply, I now realize that this might be a bit confusing. This menu allows you to set a username and password so that you can only access the Arduino with that username and password. The config wizard is also available after the initial setup. What do you mean by the username and password can be easily changed by someone on the network.? I tried to design it in such a way that the only time you can change the username/password is when the Arduino is in access point mode (in the initial stage of the setup).

Thanks for the swift reply!

"This menu allows you to set a username and password so that you can only access the Arduino with that username and password." -> that does not work for me in access point mode. When I change the password to a 40 character long password with only numbers and letters, it comes up with a pop-up:

Both the new password and the nrf905 password don't work anymore. After rebooting the device, I can get back to the authentication setup. I've also tried a shorter password length of 15, 8 and 6 characters, but that didn't work either. That's when I came to the conclusion that only nrf905 as a password worked in the password field of the portal and the prompt.

What's also interesting is that when I finish the configuration and click on the reboot button, the reboot never gets executed. I need to disconnect it from the COM port to enforce the switch to receive mode.

[spudje]

I also can't get past this step. Whatever username and password I pick and then fill in the popup, it doesn't accept the credentials and eventually I get an authentication failed.

[spudje]

My serail debug log looks like this:

nRF905 API version 1.0.0 readConfigRegisters 00:6C:00:44:20:20:E7:E7:E7:E7:DB: writeConfigRegisters 00:6C:00:44:20:20:E7:E7:E7:E7:DB: nRF905: config ok nvram: read invalid signature Switching to AP mode [D][WiFiGeneric.cpp:374] _eventCallback(): Event: 0 - WIFI_READY WiFi SoftAP: setup done [D][WiFiGeneric.cpp:374] _eventCallback(): Event: 14 - AP_START WiFi SoftAP: IP address: 192.168.4.1 nvram: load defaults ok [D][WiFiGeneric.cpp:374] _eventCallback(): Event: 16 - AP_STACONNECTED [D][WiFiGeneric.cpp:374] _eventCallback(): Event: 18 - AP_STAIPASSIGNED [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found http: /cfglang [E][WiFiClient.cpp:395] write(): fail on fd 62, errno: 104, "Connection reset by peer" http: /cfglang [E][WiFiClient.cpp:395] write(): fail on fd 56, errno: 104, "Connection reset by peer" http: /cfglang [E][WiFiClient.cpp:395] write(): fail on fd 57, errno: 104, "Connection reset by peer" [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found http: /cfglang http: /cfgauth [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found [E][WebServer.cpp:630] _handleRequest(): request handler not found

[renini]

If i recall correctly i had the same thing with Edge/Chromium... did you try a different browser?

[spudje]

Unfortunately no difference. Tried with firefox and then I only had Chromium variants (Chrome, Brave, Edge).

[spudje]

I tried one of the ESP32 out of the box examples, Webserver HttpBasicAuth in wifi client (station) mode, and that works fine. So I'm sure, the hardware (at least the ESP32 part) is OK. I guess there's something in the nRF905 code which I miss why I can't make it working?

Mmm, the Http Digest Auth (Advanced Auth) example fails in the exact same way as this nrf905 code. So it's an issue with the webserver code :( Maybe I'll rewrite everything to Basic Auth?

[spudje]

nrf905_BasicAuth.zip I rewrote everything so it makes use of basic authentication instead of digest authentication and all works fine.

[MunkeyBalls]

nrf905_BasicAuth.zip I rewrote everything so it makes use of basic authentication instead of digest authentication and all works fine.

This still doesn't work for me. During the wizard I set the l/p, login pops up, and it still won't accept the l/p I just set.

[jlabeeuw]

See my new issue about of usage sizeof(). I had to remove that for using my own username and password.