httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpd Wiki] Update of "PasswordBasicAuth" by thumbs
Date Fri, 08 Feb 2013 22:50:57 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The "PasswordBasicAuth" page has been changed by thumbs:
http://wiki.apache.org/httpd/PasswordBasicAuth?action=diff&rev1=9&rev2=10

Comment:
Added examples for 2.4

  
  In this How-To guide, we will show you how to set up a password protected directory using
basic authentication.
  
- Authentication directives in Apache can be used in the following contexts - directory and
htaccess. For directory context this means in '''<Directory>''', '''<Location>''',
and '''<Files>''' blocks in your httpd.conf or your distro's main Apache config file
or virtual host config file. Additionally, for Apache 2.2, '''<Proxy>''' blocks are
also included in the directory context. The htaccess context is self explanatory. This means
you can use authentication directives in htaccess files. In this tutorial, we will show recipes
for both contexts.
+ The first section focuses on Apache httpd 2.2, and the new directives for 2.4 will be covered
in the last part of this document.
  
+ Authentication directives in Apache httpd can be used in the following contexts - directory
and htaccess. For directory context this means in '''<Directory>''', '''<Location>''',
and '''<Files>''' blocks in your httpd.conf or your distro's main Apache config file
or virtual host config file. Additionally, for Apache httpd 2.2, '''<Proxy>''' blocks
are also included in the directory context. The htaccess context is self explanatory. This
means you can use authentication directives in .htaccess files. In this tutorial, we will
show recipes for both contexts.
+ 
- The first thing in this example we need to do is to create a directory to password protect
in our document root. Let's say our document root is '''/var/www/html'''. We'll create a directory
called '''protected''' in the document root - '''/var/www/html/protected'''.
+ The first thing we need to do in this example is to create a directory to protect in our
document root. Let's say our document root is '''/var/www/html'''. We'll create a directory
called '''protected''' in the document root - '''/var/www/html/protected'''.
  
  The next thing to do is to create a password file with users. We will use the htpasswd utility
provided in the core Apache package. The password file can be stored anywhere on your hard
drive. In our example we will create our htpasswd file in '''/etc/htpasswd'''.
  
@@ -72, +74 @@

  Using either recipe, you can now go to http://localhost/protected and be prompted by the
browser to enter your credentials. If you enter correct credentials you will be granted access
to '''protected'''. If you don't enter correct credentials, you will be continually prompted
to enter credentials until you enter correct credentials or click the '''Cancel''' button.
  <<BR>>
  
+ For Apache httpd 2.4, the authorization mechanism has been revamped. Here is a sample of
a configuration that uses basic HTTP auth for the entire DocumentRoot, and allows public,
non-restricted access for a specific directory:
+ 
+ Assuming a DocumentRoot value of "/srv/httpd/htdocs",
+ 
+ {{{
+ <Directory "/srv/httpd/htdocs">
+     Options +FollowSymLinks +Multiviews +Indexes
+     AllowOverride None
+     AuthType basic
+     AuthName "private"
+     AuthUserFile /srv/httpd/.htpasswd
+     Require valid-user
+ </Directory>
+ 
+ <Directory /srv/httpd/htdocs/public>
+     Require all granted
+ </Directory>
+ }}}
+ 
+ The password file would be created in the same fashion as it would be on 2.2.
+ 
  For more complete information on the Apache directives used, see the [[http://httpd.apache.org/docs/|Apache
Docs]].
  

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message