[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

more complex problem (mixing pam and htpasswd)



Hi pam-list,
 
I've quite an interesting problem.
 
I am succesfully running mod-auth-pam-1.1.1  with Apache 1.3.27 on Linux Redhat 7.3
 
Some directories of websites are secure and only accessable with a system user ID, so /etc/passwd and /etc/shadow are succesfully accessed by PAM.
But.... other secured directories have to be accessable with "custom login accounts" created with htpasswd
 
For "custom login accounts" I use the directive "AuthPAM_Enabled off" to turn off the AUTHPAM module. Unfortunately in this case the directive "AuthUserFile" pointing to my users/passwords file isn't interpreted (by Apache).
 
 
Please review my settings below and help me find a solution for it.
 
Thanks in advance,
Ruben
 
 
 
Preparation (make apache read /etc/shadow, else PAM can't authenticate)
$ /usr/sbin/groupadd -r /shadow-readers
$ chmod 660 /etc/shadow
$ chown root:shadow-readers /etc/shadow
 
Configuration of /etc/pam.d/httpd
auth        required        /lib/security/pam_unix_auth.so
account   required        /lib/security/pam_permit.so
Snippet from file: /usr/local/apache/conf/httpd.conf
...
...
User nobody
Group shadow-readers
...
...
LoadModule pam_auth_module    libexec/mod_auth_pam.so
...
...
<VirtualHost xx.xx.xx.xx>
    ServerName www.mysite.com
    DocumentRoot /home/www/mysite.com/wwwroot
    # All users from group FTP are allowed to login
    # This works fine!
    <Directory /home/www/mysite.com/wwwroot/pamsecure>
         AuthPAM_Enabled on
         AuthType Basic
         AuthName "PAM Realm"
         Require group ftp
    </Directory>
    # Only user "customuser" created with htpasswd ( htpasswd -c /usr/local/apache/passwords/passwords.acl customuser )
    # is allowed to login.
    # This doesn't work, somehow!
    <Directory /home/www/mysite.com/wwwroot/customsecure>
        AuthPAM_Enabled off
        AuthType Basic
        AuthName "Custom Realm"
        AuthUserFile /usr/local/apache/passwords/passwords.acl
        Require user customuser
    </Directory>
</VirtualHost>
...
...
 
 
 
 
 
------------
Bezoekadres:  Amtex Internetdiensten, Plantsoengracht 2, 1441 DE  Purmerend, The Netherlands
Correspondentieadres: Amtex Internetdiensten, Wipmolen 148, 1444 GZ  Purmerend, The Netherlands
 
Tel. +31(0)299-772529, Cellular. +31(0)6-20044798, Fax. +31(0)84-8761792
Website:
http://www.amtex.nl, Company Email: info@amtex.nl
 
Consultancy - Interactive websites - Webhosting - Database connectivity - E-business solutions
 
Amtex Internetdiensten is onderdeel van Proto56 Internet Solutions

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []