[resolved] Password Required when none should be

99.99% certain it the “frog” image which is displayed in the upper left. As I stated above, I removed authentication from the images directory. Mine is an old TB install, but it appears this has happened to at least a couple of other flavors as well.

It was a fairly easy fix…once I realized what the problem was.

Wish I could join Ya’ll in Huntsville next month, but I’ll be on vacation the week before.



send your colleague and he can fill you in!

…as far as the frog, tango has been up in that corner in the previous release also. There’s clearly something that seems to have changed between the releases and I’m trying to figure out what the change was???

Pluse, on my system, checking the properties of that frog:

which is consistent with the page.tpl.php template of the ARI and where it is pulling it’s frog from.

Well, That’s all pretty peculiar. As I said, my fix seems to be working. I’ll actually be in Alabama the week before the seminar, but I’ll be at the racetrack at Talladega. Will be heading home on Monday.

In the meantime, if there’s anything you want me to try, let me know.


I think I have found the problem, in 2.6 this line was added in recordings:

<script  type="text/javascript" src="../../admin/common/libfreepbx.javascripts.js"></script> 

And that could trigger the login page if you have protected the admin directory.

Now I need to figure out why this line was added and why nobody complained about it until 2.7 as it has been in 2.6 since 09/07/09


probably needs to be remove, the library just needs to be copied or linked to where ARI can get to it.

as far as what made it start happening, ??? other than maybe some of the people skipped straight to 2.7 from 2.5?

hmm … from what I can tell with SVN log, it was put there but isn’t being used for anything in ARI as of yet though there may be third party modules not part of FreePBX currently that do use it.

I would say it’s a good idea to keep the js library accessible to ARI, but it’s own copy to avoid issues like this.

Before making a change though, can those of you who are having this issue simply delete that line out of their theme/page.tpl.php file and confirm if the problem goes away?

It was added because it there are some (3rd party?) modules that could use a js bump. I’m sure we can find a more elegant solution that wont require authentication though…

I removed the above referenced line and ARI seems to be working.

By the way, I used 2.6 for quite a while without any problems before upgrading to 2.7.

I’ve also removed the directives in the httpd.conf file that allowed access to the various subdirectories.


After two days of use here with the line of code deleted, we’ve had no further problems.


thanks for the feedback and feel free to file a bug against that so we don’t space addressing it. It’s definitely a bug.

Ok. I’ll file a bug. Just wanted to make sure it wasn’t me. Hate to file a bug report because I’m having a brain [email protected]#t.


I also want to report success. I was hesitant to report the bug as I attributed it to a turd trixbox left on the system that I had not dealt with.

This box had the exact same history as Bill’s, ancient pre-fork trixbox that had long been stripped but never touched out of laziness since it simply worked.

Thanks as always for the quick response Philippe.

thanks to mickecarlsson actually, he’s the one who uncovered it above. I’m just surprised more people haven’t run into the issue on 2.6 as it is very much there as well.

Just for clarifications: has this issue been reported on NON trixbox systems?

I just tried taking that line out in page.tpl.php, and it didn’t work - it still prompts me for the password.
Is there anything besides that that I need to rake out?

There’s a module update for 2.7 that addresses this. Philippe pushed it out last night. There were no reports of any problems from my users today. Thanks, Philippe and Mike for staying up half the night over the weekend to troubleshoot the problem.

isaacl: You shouldn’t have to, but I think I restarted httpd after I took out the line. You might try that.

Moshe: isaacl reported the issue with a PIAF install. Says he took out the line but is still having problems.


there could be something else lurking in there, but this was definitely a bug and obviously responsible for your situation.

I’m going to try updating the modules now, and I’ll report back…
And the PIAF install didn’t come with 2.7 - I updated, but it was present afterwards.
And thanks to everyone who was on top of the issue, and helped work it out.

I installed it, and it seems to have worked.
The only thing is, I added a way for users to get their messages remotely, by forwarding a port on my router to my PBX IP address, and opening the recordings page, and when I tried that, it still asked for a password…
Should that be happening?

Are you forwarding it to the root or to the recordings directory?

If you’ve opened a port which requires this:

http://boxipaddsress:portno (

You’ll probably get one password request, the users can press cancel and continue.

If your access to voicemail looks something like this:
and you get a password request or if you get multiple requests, then there is a problem.