Differences
This shows you the differences between two versions of the page.
|
wiki:software:www:advanced [2012/09/24 13:45] David C LeFevre [User Authentification] |
wiki:software:www:advanced [2012/09/24 15:48] (current) David C LeFevre [User Authentication] |
||
|---|---|---|---|
| Line 41: | Line 41: | ||
| </code> | </code> | ||
| - | ===== User Authentification ===== | + | ===== User Authentication ===== |
| - | + | **A word of caution:** The procedure below sets up basic authentication only. It is not to be considered highly secure. Basic authentication is a handy solution to require a username and password to access a particular web directory but it isn't robust enough to secure highly sensitive data! | |
| **STEP 1.** Create a directory (name whatever you want) in your __home directory.__ In this example, I called it "authdir". This directory will contain the .htpasswd file, which contains the passwords you give to the 'invited'- guests'. | **STEP 1.** Create a directory (name whatever you want) in your __home directory.__ In this example, I called it "authdir". This directory will contain the .htpasswd file, which contains the passwords you give to the 'invited'- guests'. | ||
| Line 62: | Line 62: | ||
| <code bash> | <code bash> | ||
| chmod 0644 [protected directory]/.htaccess | chmod 0644 [protected directory]/.htaccess | ||
| - | </code | + | </code> |
| **STEP 3.** At your Unix shell command prompt, enter the following: | **STEP 3.** At your Unix shell command prompt, enter the following: | ||
| Line 69: | Line 69: | ||
| /usr/local/bin/htpasswd -c ~/authdir/.htpasswd user_name_A | /usr/local/bin/htpasswd -c ~/authdir/.htpasswd user_name_A | ||
| </code> | </code> | ||
| + | |||
| The above line may be repeated as many times as you need to add more users. Make sure to include the -c flag __IF YOU CREATE THE FILE .__htpasswd FOR THE FIRST TIME. -c flag is not required in subsequent addition of new users. | The above line may be repeated as many times as you need to add more users. Make sure to include the -c flag __IF YOU CREATE THE FILE .__htpasswd FOR THE FIRST TIME. -c flag is not required in subsequent addition of new users. | ||
| If you successfully execute the htpasswd command, you will be prompted to enter the password of your 'guest' twice. | If you successfully execute the htpasswd command, you will be prompted to enter the password of your 'guest' twice. | ||
| + | |||
| + | The directory where your .htpasswd resides needs to have read and execute permissions. | ||
| + | |||
| + | <code bash> | ||
| + | chmod 0755 ~/authdir/ | ||
| + | </code> | ||
| Your .htpasswd file also needs to be set to the correct permissions. | Your .htpasswd file also needs to be set to the correct permissions. | ||
| Line 77: | Line 84: | ||
| <code bash> | <code bash> | ||
| chmod 0644 ~/authdir/.htpasswd | chmod 0644 ~/authdir/.htpasswd | ||
| - | </code | + | </code> |
| Make sure to have the correction protection mode in the authentication-required directory. A suggested protection mode is user-group executable and readable. This example shows a simple password-protected web page. To add additional users, (if, for example, each user who wants to access your protected pages needs their own password, simply run htpasswd again for each username/password pair. | Make sure to have the correction protection mode in the authentication-required directory. A suggested protection mode is user-group executable and readable. This example shows a simple password-protected web page. To add additional users, (if, for example, each user who wants to access your protected pages needs their own password, simply run htpasswd again for each username/password pair. | ||
| + | |||
| + | For a more in depth tutorial on User Authentification using .htaccess and .htpasswd, see this page: http://weavervsworld.com/docs/other/passprotect.html | ||
| Have fun! | Have fun! | ||