Linux+apache Implement user authentication

I. Preamble

Now many web sites have strict restrictions on the access rights of users, users need to give "username/password" to confirm their identity when accessing certain resources.

Currently, the most common authentication method is to use the user name, password stored in a database, when users want to access certain restricted resources, to enter a user name and password in a page, the program will user input username and password and database stored "username/password" Compared, if the input is correct, Resources are normally used, otherwise, resource access is denied. However, this type of identity authentication has two big problems, on the one hand, as long as the user has a successful identity authentication, you can record the link address of the limited resources, the next visit only to enter the address, and without the identity of the process to access the limited resources; On the other hand, the user can right-click on the hyperlink of a restricted resource and select "Properties" to view the link address of the restricted resource and access the address directly so that the authentication does not achieve the desired effect.

Apache can solve these problems well. Apache is the software that builds the WWW web site and runs on Linux, UNIX, and Windows operating systems. Let's take Linux as an example to introduce how Apache completes the user authentication function.

Second, the Basic principles

The basic principle of Apache authentication is that when the system administrator initiates the authentication feature, a file with the default name ". htaccess" can be added to the directory to be restricted. When a user accesses a resource under this path, a dialog box pops up asking the user to enter a username/password. In other words, its identity authentication function is not controlled by the person, but by the system directly. This avoids the user logging a hyperlink to a resource that requires authentication, and does not access the resource directly next time.

There are many methods of authentication, including the precompiled Mod-auth module in Apache and the module with Apache but not compiled, such as: MOD-AUTH-DBM module, mod-auth-db module, Mod-auth-msql module, and so on. There are also a number of third-party-developed modules, such as the Mod-auth-mysql modules used in the MySQL database, they can limit a group of users or a user.