Configure HTTPD server with user access control function based on Basic authentication mechanism

Lab Notes:

Experimental host:192.168.1.11

1. Configure httpd User-based access control ----Basic Authentication mechanism

(1) installing httpd program, and start the service

#yum install Httpd–y[[email protected] ~]# servicehttpd startstarting httpd:httpd:Could not reliably determine the server   ' s fully qualified domain name,using 172.16.33.1 for ServerName [ OK][[email protected] ~]# SS–TNL

(2 ) Define the security domain in the configuration file

(a) Modify The path of ' Mainserver ' to/data/web/htmland perform an access test

#vim/etc/httpd/conf/httpd.conf ... documentroot "/data/web/html" .... # Mkdir/data/web/html-pv[[email protected] ~)------- # Cd/data/web/html/[[email protected] HTML #vim index.html add: 
in the browser, enter: http://192.168.1.11/ , Access testing

(b)  in /data/web/html/  Add a directory employee  , and encapsulate the Directory To  enable the authentication of this directory for basic  Implementation of the mechanism, Authenticated users Tom  ,Jerry
# mkdir/data/web/html/employee# cd/data/web/html/employee[[email protected] employee]#  vimindex.html         Tom 21          Jerry 90  #vim/etc/httpd/conf/httpd.conf ..... Add directory, access control to the directory ............<directory  "/data/web/html/employee" >         Options None        AllowOverride None         AuthType basic         authname  "it is only foremployee!!"         AuthUserFile /etc/httpd/users/.htpasswd         Require user tom jerry</Directory>................[[email  Protected] html]# httpd-thttpd: could not reliablydetermine the server ' s& nbsp; Fully qualified domain name, using 172.16.33.1 forservernamesyntax ok 
(3) Create the/etc/httpd/users directory and provide the user's account file in the directory
[[email protected] html]# mkdir/etc/httpd/users[[email protected] html]# cd/etc/ Httpd/users[[email protected] users] #htpasswd  -c -m /etc/httpd/users/.htpasswd  tomnew password:re-type new password:adding password for usertom[[email  Protected] users] #htpasswd   -m /etc/httpd/users/.htpasswdjerrynew password:re-type  new password:Adding password for userjerry[[email protected] users]#  Cat/etc/httpd/users/.htpasswdtom: $apr 1$snf79tur$lx7b.y8s9bbrtzh8cpbaz1jerry: $apr 1$sxqjzsiw$ fa0wxyi2dfdcdiko.0yct1           (4) Restart the service and test it in the browser                     [[ Email protected] employee]# httpd-thttpd: could not reliablydetermine the  server ' S&NBSP;FULLY&NBSP;QUALIFIED&NBsp;domain name, using 172.16.33.1 forservernamesyntax ok[[email protected]  Employee] #service &NBSP;HTTPD&NBSP;RELOADRELOADING&NBSP;HTTPD:
at this point in the browser, enter: http://192.168.1.11/employee/  , enter Tom  ,Jerry  and corresponding password, multiple input observation results; found only Tom.   ,Jerry users are required to enter the correct password in order to successfully access! 
2.   Group-based authentication
Create the group file and add it in the configuration file.
[[email protected] employee]# vim /etc/httpd/conf/httpd.conf .....] Modify it to the following ...  <directory "/data/web/html/employee" >         "....." options none        allowoverride none         authtype basic        authname   "it is only foremployee!!"         AuthUserFile /etc/httpd/users/.htpasswd         AuthUserFile /etc/httpd/users/.htgroup         require group mc</directory>...............................[[email protected] employee]#  vim/etc/httpd/users/.htgroup .... Add the following content ...................         --   mc: tom jerry[[email protected] employee] #httpd  -thttpd: Could  Not&nbsP;reliablydetermine the server ' s fully qualified domain name, using  172.16.33.1 forservernamesyntax ok[[email protected] employee] #service  httpd  RELOADRELOADING&NBSP;HTTPD:
the configuration based on group authentication is complete, and the following access tests are performed in the browser !!!!

Configure HTTPD server with user access control function based on Basic authentication mechanism