EECS Technical Database

User Tools

Site Tools

You are here: Technical Database » Web Publishing including Protected Areas » Password Protecting Web Areas » Authentication By EECS Usernames and Passwords or Groups
Trace:
web:password-protected:authbysys1

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
web:password-protected:authbysys1 [2017/12/20 09:39] jasweb:password-protected:authbysys1 [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
Line 1: Line 1:
-====== Authentication By EECS Usernames and Passwords or Groups ====== 
  
-If you wish to authenticate users by EECS usernames and passwords or groups then you must follow these steps: 
- 
-In the web directory that you wish to protect, create a .htaccess file with the following contents: 
- 
-  AuthType Basic 
-  AuthName "Name of Web Area You Are Protecting" 
-  AuthBasicProvider pam 
- 
-If you wish to restrict access to ALL valid EECS accounts, add: 
- 
-  Require valid-user 
- 
-If instead, you wish to restrict access to specific EECS accounts, add for each user: 
- 
-  Require user <user> 
- 
-For simplicity, you can also add all users on one line: 
- 
-  Require user <user1> <user2> ... <userN> 
- 
-If you wish to restrict access to specific groups, add: 
- 
-  Require unix-group <group> 
- 
-Again, for simplicity, you can list all the groups on one line: 
- 
-  Require unix-group <group1> <group2> ... <groupN> 
- 
-If you only care about group membership alone (eg. all EECS users who are in faculty group), then you only need to add a "Require unix-group" directive, and you can skip "Require user" altogether.  
- 
-By default, only **one** of the conditions needs to be true to provide access, so if you were to add: 
- 
-  Require valid-user 
-  Require unix-group faculty 
- 
-... then ANY valid EECS user would be allowed in (eg. an undergrad, grad, staff member, faculty, or guest), or, any EECS user who is in group faculty.  If you want to just allow in EECS users who are in group faculty, then include only the "Require unix-group faculty" line.  Alternatively you can use a "RequireAll" block like this: 
- 
-  <RequireAll> 
-    Require valid-user 
-    Require unix-group faculty 
-  </RequireAll> 
- 
-Check file permissions on your .htaccess file and directory permissions on all directories leading up to .htaccess.  At a minimum, your .htaccess file must be readable by the web server, which runs as user "www": 
- 
-  % chmod o+r .htaccess 
- 
-CAUTION: This will also enable other users on the system to read your .htaccess file. 
- 
-You will also need to ensure that all directories up to your .htaccess file are accessible by the web server. For example, if your .htaccess file is /eecs/home/example/www/.htaccess: 
- 
-  % chmod o+x /eecs/home/example 
-  % chmod o+x /eecs/home/example/www 
- 
-Always be careful when using your system username and password for accessing web pages. Only use it on sites that you trust. 
web/password-protected/authbysys1.1513780799.txt.gz · Last modified: 2017/12/20 09:39 by jas
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki