Basic Authentication for Apache
To implemented shared-account authentication in Apache, start by creating a user account and assigning a password to that account. You can do that with the htpasswd tool, like this:
htpasswd -c subscribers subscriber
This command prompts for a password and when you supply one, it
creates a file called subscribers
containing a
single record for a user named subscriber, along
with an encrypted version of the password you type in.
To control access to all the files in a directory, you need to
associate the user account with a web subtree. In Apache, you do that in
the server’s configuration file (either
access.conf
or the master file
httpd.conf
) like this:
<Directory /web/Docbase/ProductAnalysis/docs> AuthType Basic AuthName subscribers AuthUserFile /secure/subscribers require user valid-user </Directory>
Group Authentication in Apache
You can define a group of subscribers by listing names in a file, like this:
subscribers: ed joe sharon
If that group definition is stored in the file
/secure/groups
, you can use the following configuration directives to permit only
group members:
<Directory /web/Docbase/ProductAnalysis/docs> AuthType Basic AuthName subscribers AuthUserFile /secure/subscribers AuthGroupFile /secure/groups require group subscribers </Directory>
In this case, you have to define the group in
/secure/groups
and also list all the individual
subscribers and their passwords in
/secure/subscribers
.
Managing Larger Groups in Apache
If there are ...
Get Practical Internet Groupware now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.