Access Control for Own User Administration
You can also control access to WWW documents via self-administered "secrets". To do this, write in the .htaccess
file:
AuthName "protected area"
AuthType Basic
AuthUserFile full filename
AuthGroupFile full filename
Require user name ... # or
Require group name ... # or
Require valid-user
As AuthName a name is used that is displayed to the user when the identifier + password are requested.
After AuthUserFile has to stand the full filename of the file containing the identifiers and passwords.
E. g. /afs/tu-chemnitz.de/www/root/test/.htpasswd
, for a file within the HOME directory,
e. g. /afs/tu-chemnitz.de/home/urz/o/otto/public_html/restricted/.htpasswd
Such a file has lines with the following structure:
Identifier:encrypted-password
To generate such entries, this Web form must be used. This creates a line from your entries that you can transfer to a corresponding password file.
Alternative: Under Linux use the command htpasswd
:
htpasswd pw-file www-name
In the file pw-file an entry with the name www-name is added or changed, if the name already exists.
The password is requested. To create a new file the following must be used:
htpasswd -c pw-file www-name
In an AuthGroupFile groups of names (from the AuthUserFile) can be arranged:
Group: name1 name2 name3 ...
Attention:
These files should not be accessible via the WWW server.
You can use .htpasswd
as file name, since the server protects this file.
With Require one finally specifies which name (Require user name ... - from the AuthUserFile) resp. groups (Require group name ... -from the AuthGroupFile) access is permitted. You can enter several names or groups, separated by spaces. Require valid-user allows access to all users entered in AuthUserFile.
Example:
Files in the dir21 directory should only be accessible to users who know a secret, namely the name Apple
and the password pie
:
.htaccess
-File in dir21 directory contains:
AuthName "Cozy Cake"
AuthType Basic
AuthUserFile /afs/tu-chemnitz.de/www/root/urz/www/auth/examples/dir21/.htpasswd
Require user Apple
AuthGroupFile was omitted, as it is not needed here.
The password file was created with:
unix> htpasswd -c /afs/tu-chemnitz.de/www/root/urz/www/auth/examples/dir21/.htpasswd Apple Adding password for Apple. New password: pie Re-type new password: pie Password for Apple changed.Result