Difference between revisions of "Configuring authentication for apache using password file"
m |
m |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Apache web server configuration]] > [[Configuring authentication for apache using password file]] | |||
=Allowing authentication via .htaccess= | |||
To configure authentication for apache using password file we can enter configuration lines in either '<tt>.htaccess</tt>' file or directly in '<tt>httpd.conf</tt>' file. In case of authentication setup using '<tt>.htaccess</tt>' file following directive must be present in '<tt>httpd.conf</tt>' for concerned Directory or VirtualHost | To configure authentication for apache using password file we can enter configuration lines in either '<tt>.htaccess</tt>' file or directly in '<tt>httpd.conf</tt>' file. In case of authentication setup using '<tt>.htaccess</tt>' file following directive must be present in '<tt>httpd.conf</tt>' for concerned Directory or VirtualHost | ||
| Line 10: | Line 10: | ||
=Creating password file= | |||
To create password file to be used for authentication, one can use '<tt>htpasswd</tt>' utility. To create password file with desired user use: | To create password file to be used for authentication, one can use '<tt>htpasswd</tt>' utility. To create password file with desired user use: | ||
| Line 21: | Line 21: | ||
=Configuring authentication= | |||
To configure authentication enter following lines for appropriate Directory in configuration file: | To configure authentication enter following lines for appropriate Directory in configuration file: | ||
| Line 36: | Line 36: | ||
=Configuring groups= | |||
To allow a specific set of users group file is required. Group file has following syntax: | To allow a specific set of users group file is required. Group file has following syntax: | ||
<pre> | <pre> | ||
| Line 55: | Line 55: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Apache web server configuration]] > [[Configuring authentication for apache using password file]] | |||
Latest revision as of 07:30, 6 March 2022
Home > CentOS > CentOS 6.x > Apache web server configuration > Configuring authentication for apache using password file
Allowing authentication via .htaccess
To configure authentication for apache using password file we can enter configuration lines in either '.htaccess' file or directly in 'httpd.conf' file. In case of authentication setup using '.htaccess' file following directive must be present in 'httpd.conf' for concerned Directory or VirtualHost
AllowOverride AuthConfig
Creating password file
To create password file to be used for authentication, one can use 'htpasswd' utility. To create password file with desired user use:
htpasswd -c <password-file> <user-name>
The command will prompt for desired password for given user. Note that '-c' option is required only while creating a new file.
For security reasons, it is necessary for password file to be outside DocumentRoot so that users cannot simply download the file and crack the passwords.
Configuring authentication
To configure authentication enter following lines for appropriate Directory in configuration file:
AuthType Basic AuthName "<realm>" # Optional line: AuthBasicProvider file AuthUserFile <path-of-password-file> Require user <user-name>
To allow all users one can use 'Require valid-user'.
Configuring groups
To allow a specific set of users group file is required. Group file has following syntax:
<group-name> : <user1> <user2> <user3> ...
To configure authentication via group following configuration lines can be used:
AuthType Basic AuthName "<realm>" # Optional line: AuthBasicProvider file AuthUserFile <path-to-password-file> AuthGroupFile <path-to-group-file> Require group <group-name>
Home > CentOS > CentOS 6.x > Apache web server configuration > Configuring authentication for apache using password file
