If you can see this check that

           prev section up prev page next page

User Authentication in Apache

Basic Authentication
User:
Password:

This tutorial is concerned with the configuration of Basic Authentication in apache.

Question 1: Create TOM

Build a user called "tom" to experiment with. Use 

adduser tom

You also need to have the apache service (httpd) running.

Make sure your httpd.conf file supports User public_html directories. Look through the /etc/httpd/conf/httpd.conf file for a line: 

  UserDir disable

When you find this line delete it, or put a # infront of it.

Now create a user called "tom", create a public_html directory in tom's home directory, and create a file p1.html in the public_html. The contents of this file should be: 

<html>
<body>
<h1>TOM</h1>
<p>
Document body goes here.
</p>
</body>
</html>

The /home/tom, /home/tom/public_html, and /home/tom/public_html/p1.html file must be readable (and for the directories readable and executable) by other.

Tests - not attempted
Apache Running UNTESTED
UserDir seems to be disabled UNTESTED
Tom exists UNTESTED
Tom has a public_html which he owns UNTESTED
Tom has a home directory readable and executable by others UNTESTED
Tom has a public_html readable and executable by others UNTESTED
Tom has a file p1.html which he owns UNTESTED
p1.html is readable by others UNTESTED
p1.html contains the word TOM (case sensitive) UNTESTED
http://host/~tom/p1.html actually works UNTESTED

Question 2: Add two new directories/files

Create the following directories, each of which must be world readable and executable:

  • /home/tom/public_html/richard
  • /home/tom/public_html/harry

In each of these new directories create a file similar to p1.html, but called:

  • /home/tom/public_html/richard/p2.html
  • /home/tom/public_html/harry/p3.html

In "richard/p2.html" replace the word TOM with RICHARD. In "harry/p3.html" replace the word TOM with HARRY. Case is important.

Tests - not attempted
Can read http://../~tom/richard/p2.html UNTESTED
http://../~tom/richard/p2.html contains RICHARD UNTESTED
Can read http://../~tom/harry/p3.html UNTESTED
http://../~tom/harry/p3.html contains HARRY UNTESTED

Question 3: Allow AuthConfig for public_html

Using the <Directory> tag in the httpd.conf file to allow AuthConfig for public_html directories. Look for something like: 

# <Directory /home/*/public_html>
#   AllowOverride FileInfo AuthConfig Limit

and just before this try something like: 

<Directory /home/*/public_html>
    AllowOverride AuthConfig
</Directory>

Do not forget the reload or restart your apache server after making this change!

Tests - not attempted
Directory detected for public_html UNTESTED

Question 4: Basic Auth file

Create a password file for basic authentication. Remember this has nothing to do with normal unix users, and even less to do with /etc/passwd!

The htpasswd command allows you to create the file, and to add users to the file. Use it to create a basic authentication password file called "/home/tom/webpasswd". Put into this file two users with the following passwords: 

User: richard              Password: pass1
User: harry                Password: pass2
Tests - not attempted
/home/tom/webpasswd exists and seems readable UNTESTED
Contents semi-sensible for richard? UNTESTED
Contents semi-sensible for harry? UNTESTED

Question 5: Secure richard/

Secure the public_html/richard directory so only a user with the basic authentication details of richard, password pass1, can access the files.

Tests - not attempted
Basic Auth needed on ~tom/richard/p2.html UNTESTED
Basic Auth using richard/pass1 works for ~tom/richard/p2.html UNTESTED
Basic Auth using harry/pass2 fails for ~tom/richard/p2.html UNTESTED

Question 6: Secure harry/

Secure the public_html/harry directory so only a user with the basic authentication details of group "magic" can access the contents.

To answer this question, create a group file "/home/tom/webgroup" with the following contents: 

magic: richard harry

Make sure in the .htaccess file in the harry directory you use only "Require group" and not some sort of "Require user" command.

Tests - not attempted
/home/tom/webgroup exists and seems readable UNTESTED
/home/tom/webgroup contains right magic: definition UNTESTED
No Require User in .htaccess UNTESTED
Using Require Group magic in .htaccess UNTESTED
Basic Auth needed on ~tom/harry/p3.html UNTESTED
Basic Auth using richard/pass1 works for ~tom/harry/p3.html UNTESTED
Basic Auth using harry/pass2 works for ~tom/harry/p3.html UNTESTED
Tutlinks: intro1 intro2 wildcard permission pipe vi essential admin net fwall DNS diag Apache1 Apache2 MySQL1 MySQL2
Useful: Quiz Forums
Site Links:XMLZoo ActiveSQL ProgZoo SQLZoo