authentication in apache for a subdirectory
redhatdude at bellsouth.net
redhatdude at bellsouth.net
Wed Jun 22 22:14:15 UTC 2005
Hello Ankush,
To make a folder password protected you need more than just that
<Directory> entry in your httpd.conf file. You need to first create
the password for the user that would be having access to such folder.
You have two options to protect a folder but they're not very secure.
The first one is Basic with the htpasswd command. Basic transmits the
user and pass in clear text. The second one is Digest with the
command htdigest. Digest does not transmit the user and pass in clear
text. However, the communications after authentication is not
encrypted and can be picked up by a sniffer. The third method would
be to use either one of these two methods over SSL which is a little
bit more complex but it encrypts everything making it very secure.
For Basic authentication issue the following command:
htpasswd -c /opt/htpasswd/passwd.users username
In httpd.conf
<Directory /var/www/html/myfolder>
AuthType Basic
AuthName "Access to the Modules"
AuthUserFile /opt/htpasswd/passwd.users
Require user username
</Directory>
For Digest issue the following command:
htdigest -c /opt/htpasswd/passwd.users username
In httpd.conf
<Directory "/var/www/html/myfolder">
Order Deny,Allow
Deny from .gov <-----------You can use this in both methods to deny
certain domains to access your folder
AuthType Digest
AuthName "username"
AuthDigestFile /opt/htpasswd/passwd.users
Require user username
</Directory>
I hope this helps
EJ
On Jun 22, 2005, at 8:20 AM, Ankush Grover wrote:
> Hey,
>
> I want to configure authentication for a particular directory and
> subdirectories below that directory.
>
> I have written these entries in httpd.conf ,but authentication is
> not working.
>
> <Directory /var/www/html/open/hms/modules>
> AllowOverride AuthConfig
> AuthType Basic
> AuthName "Access to the Modules"
> AuthUserFile /opt/htpasswd/passwd.users
> Require valid-user
> </Directory>
>
>
> Can anybody tell me why the authentication is not working.I want that
> any user who tries to access modules directory or anyother directory
> below should be prompt for username and password .
>
>
> Thanks & Regards
>
> Ankush Grover
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list