Apache server introduction user authentication simple configuration solution set

Article Title: simple configuration solution set for user authentication in Apache server introduction. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Apache is a popular Web server that runs on linux, Unix, Windows, and other operating systems. It can well solve the authentication problem of "User Name + password. The username and password required for Apache user authentication are stored in two different ways: text files and databases such as MSQL, Oracle, and MySQL. The following uses Linux Apache as an example to describe the two storage methods and briefly introduces Apache user authentication for Windows. Next we will introduce how to implement it through text authentication.

　　Three steps are required to establish user authentication and authorization:

1. Create a user Library

2. Configure the protection domain of the server

3. Tell the server which users have Resource Access Permissions

A few examples of nonsense are the clearest !~ Assume that user authentication is required for files in a directory such as/home/ftp/pub.

Create authenticated user

　　

@htpasswd ?c /*/.password xuanfei

Create an authentication Group

@vi /*/.group xuanfei-group:xuanfei xuanfei1

Basic Apache user authentication methods:

Add the following lines to httpd. conf:

<>options indexes followsymlinksallowoverride authconfigorder allow,denyallow from all <>

Or Add/etc/httpd/conf. d/to create a configuration file named. conf.

〈Directory /home/ftp/pub>Options IndexesAllowOverride AuthConfigorder allow,denyallow from all 〈/Directory>

Use it in the/home/ftp/pub directory to place the file. htaccess. The content is as follows:

Authname "shared files" authtype basicauthuserfile/*/. passwordrequire valid-user # require group xuanfei-group // receiving group so user # requirre user xuanfei // receive xuanfei single user

Use the program htpasswd with Apache to generate the file/etc/. passwd. Each line has one user name: Password

As long as the correct user name and password pair are provided, login access is allowed. This is for any address.

All requests require user name and password authentication.

Authentication is required for some CIDR blocks or addresses.

[NextPage]

If the network segment of the company's LAN is 10.45.63.0/24, and a firewall leased line is connected to the Internet,

The IP address of the internal network card is 10.45.63.1/32.

The apache reverse proxy on the firewall needs to be authenticated when accessing another WWW server on the LAN, while the local

Users on the LAN do not need to be authenticated. You can put the following in httpd. conf:

〈Directory /home/ftp/pub>Options Indexes FollowSymLinksAllowOverride AuthConfigorder deny,allowdeny from 10.45.63.1 〈/Directory>

Put the following in/home/ftp/pub/. htaccess:

AuthName "shared files"AuthType BasicAuthUserFile /etc/.passwdrequire valid-user satisfy any

You have different permissions on the same directory and Its subdirectories. Only some people can access the subdirectories in a directory.

If there is a directory/home/ftp/pub/host, there are three users user1, user2, user3 all need the user name

And Password enter/home/ftp/pub, but only user1, user2 can enter/home/ftp/pub/host.

Move the following line to httpd. conf.

〈Directory /home/ftp/pub>Options IndexesAllowOverride AuthConfigorder allow,denyallow from all〈/Directory>〈Directory /home/ftp/pub/host>Options IndexesAllowOverride AuthConfigorder allow,denyallow from all 〈/Directory>

Check whether/home/ftp/pub/. htaccess is:

AuthName "shared files"

AuthType Basic

AuthUserFile/etc/. passwd

Require valid-user

Check/home/ftp/pub/host/. htaccess

AuthName "shared files"

AuthType Basic

AuthUserFile/etc/. passwd

AuthGroupFile/etc/. hostgroup

Require group manager

And the file/etc/. passwd content is:

User1: passwd1

User2: passwd2

User3: passwd3

The file/etc/. hostgroup contains the following content:

Manager: user1 user2