Apache Server Introduction user authentication simple configuration scheme set

Apache is the current popular Web server, can run in Linux, Unix, Windows and other operating systems, it can well solve the "username + password" authentication problem. The user name and password required for Apache authentication are stored in two different ways: one is a text file and the other is a database of mSQL, Oracle, and MySQL. The following is an example of the Linux Apache, which provides a brief description of the Apache user authentication for Windows in both of these storage modes. Let's introduce the way to achieve this through the text authentication.

It takes three steps to establish a user's authentication authority:

1, the establishment of user library

2, configure the server protection domain

3, tell the server which users have access to resources

Nonsense not many examples most clearly pull! ~ If a directory of documents such as/home/ftp/pub need to do user authentication

To create an authenticated user

@htpasswd –c/*/.password Xuanfei

Create an authentication group

@vi/*/.groupxuanfei-group:xuanfei Xuanfei1

Basic Apache user authentication method:

Add the following line to the httpd.conf

<>options indexes followsymlinksallowoverride Authconfigorder allow,denyallow from all<>

or add to/etc/httpd/conf.d/a new profile with a. conf End file name

〈directory/home/ftp/pub>options indexesallowoverride Authconfigorder Allow,denyallow from all〈/Directory>

Used in the directory/home/ftp/pub decentralized files. htaccess, the contents are as follows:

AuthName "Shared Files" authtype basicauthuserfile/*/.passwordrequire valid-user#require Group xuanfei-group//Receive groups so users #requirre user Xuanfei//Receive Xuanfei individual users

Generate file/etc/.passwd with a program htpasswd with Apache, one user name per line: password

Access is allowed as long as the correct username and password pair are available, which is for any address

Requests are required to provide user name and password authentication.

Authentication is required for some network segments or addresses.

If the network segment of the company LAN is 10.45.63.0/24, and a firewall line is connected to the Internet,

Internal network card address for 10.45.63.1/32, then now want all by dialing local 633 through

The Apache reverse proxy on the firewall needs authentication when it accesses another WWW server on the LAN, while the local

Users on the LAN are not required to authenticate. Can be placed in the httpd.conf:

〈directory/home/ftp/pub>options Indexes followsymlinksallowoverride Authconfigorder Deny,allowdeny from 10.45.63.1〈/directory>

And put in the/home/ftp/pub/.htaccess:

AuthName "Shared Files" AuthType Basicauthuserfile/etc/.passwdrequire valid-usersatisfy any

There are different permissions for the same directory and subdirectories under it, and only some people can access subdirectories in one directory.

If there is a directory/home/ftp/pub/host, there are three users user1,user2,user3 need a username

And the password enters the/home/ftp/pub, but only the user1,user2 can enter the/home/ftp/pub/host.

Drop the line to httpd.conf

〈directory/home/ftp/pub>options indexesallowoverride Authconfigorder Allow,denyallow from All〈/Directory>〈 Directory/home/ftp/pub/host>options indexesallowoverride Authconfigorder Allow,denyallow from all〈/Directory>

and see/home/ftp/pub/.htaccess as:

AuthName "Shared Files"

AuthType Basic

authuserfile/etc/.passwd

Require Valid-user

And look at/home/ftp/pub/host/.htaccess.

AuthName "Shared Files"

AuthType Basic

authuserfile/etc/.passwd

Authgroupfile/etc/.hostgroup

Require group manager

And the file/etc/.passwd content is:

User1:passwd1

User2:passwd2

User3:passwd3

And the file/etc/.hostgroup content is:

Manager:user1 User2