Web Design and Implementation (Winter 04-05)


Server-Side Authentication: Studio Exercise (2 February 2005)

Using Server-Side Authentication on Grace

The Apache web server includes a program called htpasswd that lets you create users and associated passwords for restricting access to web directories. To password-protect a directory you need to do two things: first, use the htpasswd program to create a user and associated password in a world-readable file; second, create an .htaccess file in the directory you want to restrict, referencing the password file.

If you've never created a password file before:

1. Create a directory in your home directory (not your www directory) to put the password file in.

2. Change the permissions on the directory you just created to 755.

3. Make sure you're in the directory you just created, and run the htpasswd program with the -c flag to create a new password file. You can name your password file whatever you'd like, but I suggest "hiding" it by starting the name with a period. You must also specify a user name to include in the password file when you first create it. (You'll be prompted for a password for that username.)

htpasswd -c password_file_name username

4. Change permissions on the new password file (whatever you put for password_file_name in the above command) to 644.

If you have a password file, but want to add a new user to it:

1. Make sure you're in the directory where the password file is located.

2. Run the htpasswd program without the -c flag, specifying the name of the existing password file and the new username to add.

htpasswd password_file_name username2

To restrict a web directory to a user specified in the password file:

Create a world-readable file called .htaccess in the web directory you're protecting, with the following contents:

AuthUserFile /users/ritX/gX/yourid/pw_file_directory/pw_file_name
AuthGroupFile /dev/null
AuthName Whatever_You_Want
AuthType basic

require user username username2

The AuthUserFile path should be the full UNIX path to your password file. (To find the path, change to the directory the password file is in, and type 'pwd'.)

The AuthGroupFile should be left as /dev/null

AuthName is the label that will appear in the password prompt box; it can be whatever you'd like, but it cannot have spaces in it.

AuthType should be left as basic

Replace "username" in the last line with one or more users you've added to your password file using htpasswd. (The example uses two usernames.)
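A check to run once the steps above are done, added here as an example and not part of the original exercise: the shell function below reads an .htaccess file and reports the mistakes these instructions guard against (a password file inside the web directory, modes other than 755/644, a required user missing from the password file). The name check_htaccess and its two arguments are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the course page): audit an .htaccess written per the steps above.
# Usage: check_htaccess /path/to/.htaccess /path/to/www_directory
# Prints one line per problem; returns 0 only when nothing is wrong.
check_htaccess() {
    ht=$1; wwwroot=$2; problems=0
    fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

    # AuthUserFile must be the full UNIX path of an existing file.
    pwfile=$(awk 'tolower($1) == "authuserfile" { print $2; exit }' "$ht")
    case $pwfile in
        /*) [ -f "$pwfile" ] || { fail "password file not found: $pwfile"; return 1; } ;;
        *)  fail "AuthUserFile is not a full path: '$pwfile'"; return 1 ;;
    esac

    # The password file belongs outside the www directory.
    pwdir=$(cd "$(dirname "$pwfile")" && pwd -P)
    root=$(cd "$wwwroot" && pwd -P)
    case $pwdir/ in
        "$root"/*) fail "password file is inside the web directory" ;;
    esac

    # Directory 755 and file 644: readable by the server, writable only by you.
    case $(ls -ld "$pwdir") in
        drwxr-xr-x*) ;;
        *) fail "directory $pwdir is not mode 755" ;;
    esac
    case $(ls -l "$pwfile") in
        -rw-r--r--*) ;;
        *) fail "password file is not mode 644" ;;
    esac

    # Every name on a "require user" line needs an entry in the password file.
    for u in $(awk 'tolower($1) == "require" && tolower($2) == "user" {
                    for (i = 3; i <= NF; i++) print $i }' "$ht"); do
        awk -F: -v u="$u" '$1 == u { found = 1 } END { exit !found }' "$pwfile" ||
            fail "required user '$u' is not in the password file"
    done
    [ "$problems" -eq 0 ]
}

# Run as: sh check_htaccess.sh ~/www/protected/.htaccess ~/www
if [ $# -eq 2 ]; then check_htaccess "$1" "$2"; fi
```
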

To restrict a web directory using DCE authentication:

On Grace, you can also use the .htaccess file to restrict access using DCE usernames rather than your own password file. You can only use DCE authentication through the secure (SSL) server, which means your page will have to be referenced using the https protocol, i.e. https://www.rit.edu/~abc1234/protected_directory/

To limit access to any RIT user with a valid DCE userid, use the following .htaccess syntax:

AuthDCE On
AuthType Basic
AuthName dce
require valid-user

To limit access to only specific DCE user(s), use the following .htaccess syntax:

AuthDCE On
AuthType Basic
AuthName dce
require user dceid1 dceid2

Comments

And here is my includes page:

http://www.rit.edu/~kps8191/409/ssi.html

Posted by: Kevin Sweeney on January 28, 2005 9:42 PM