Apache is the current popular Web server, can run in Linux, Unix, Windows and other operating systems, it can well solve the "username + password" authentication problem. The user name and password required for Apache authentication are stored in two different ways: one is a text file and the other is a database of mSQL, Oracle, and MySQL. The following is an example of the Linux Apache, which provides a brief description of the Apache user authentication for Windows in both of these storage modes. Let's introduce the way to achieve this through the text authentication.
It takes three steps to establish a user's authentication authority:
1, the establishment of user library
2, configure the server protection domain
3, tell the server which users have access to resources
Nonsense not many examples most clearly pull! ~ If a directory of documents such as/home/ftp/pub need to do user authentication
To create an authenticated user
@htpasswd –c/*/.password Xuanfei
|
Create an authentication group
@vi/*/.groupxuanfei-group:xuanfei Xuanfei1
|
Basic Apache user authentication method:
Add the following line to the httpd.conf
<>options indexes followsymlinksallowoverride Authconfigorder allow,denyallow from all<>
|
or add to/etc/httpd/conf.d/a new profile with a. conf End file name
〈directory/home/ftp/pub>options indexesallowoverride Authconfigorder Allow,denyallow from all〈/Directory>
|
Used in the directory/home/ftp/pub decentralized files. htaccess, the contents are as follows:
AuthName "Shared Files" authtype basicauthuserfile/*/.passwordrequire valid-user#require Group xuanfei-group//Receive groups so users #requirre user Xuanfei//Receive Xuanfei individual users
|
Generate file/etc/.passwd with a program htpasswd with Apache, one user name per line: password
Access is allowed as long as the correct username and password pair are available, which is for any address
Requests are required to provide user name and password authentication.
Authentication is required for some network segments or addresses.
If the network segment of the company LAN is 10.45.63.0/24, and a firewall line is connected to the Internet,
Internal network card address for 10.45.63.1/32, then now want all by dialing local 633 through
The Apache reverse proxy on the firewall needs authentication when it accesses another WWW server on the LAN, while the local
Users on the LAN are not required to authenticate. Can be placed in the httpd.conf:
〈directory/home/ftp/pub>options Indexes followsymlinksallowoverride Authconfigorder Deny,allowdeny from 10.45.63.1〈/directory>
|
And put in the/home/ftp/pub/.htaccess:
AuthName "Shared Files" AuthType Basicauthuserfile/etc/.passwdrequire valid-usersatisfy any
|
There are different permissions for the same directory and subdirectories under it, and only some people can access subdirectories in one directory.
If there is a directory/home/ftp/pub/host, there are three users user1,user2,user3 need a username
And the password enters the/home/ftp/pub, but only the user1,user2 can enter the/home/ftp/pub/host.
Drop the line to httpd.conf
〈directory/home/ftp/pub>options indexesallowoverride Authconfigorder Allow,denyallow from All〈/Directory>〈 Directory/home/ftp/pub/host>options indexesallowoverride Authconfigorder Allow,denyallow from all〈/Directory>
|
and see/home/ftp/pub/.htaccess as:
AuthName "Shared Files"
AuthType Basic
authuserfile/etc/.passwd
Require Valid-user
And look at/home/ftp/pub/host/.htaccess.
AuthName "Shared Files"
AuthType Basic
authuserfile/etc/.passwd
Authgroupfile/etc/.hostgroup
Require group manager
And the file/etc/.passwd content is:
User1:passwd1
User2:passwd2
User3:passwd3
And the file/etc/.hostgroup content is:
Manager:user1 User2