If you wish to authenticate users by Passport York usernames and passwords, then you must follow these steps:

In the directory you wish to protect, create an .htaccess file with the following contents:

AuthType PYork
AuthName "Name of Web Area You Are Protecting"
PYorkAppID "EECS App"

If you wish to restrict access to any Passport York user, add:

Require valid-user

If instead, you wish to restrict access to specific PPY accounts, add for each user:

Require user <user>

For simplicity, you can also add all users on one line:

Require user <user1> <user2> ... <userN>

If you wish to allow anyone who has a PPY account - not just students and employees, then add:

PYorkAllowEveryone on

If you're writing a CGI/PHP script, you can take advantage of the HTTP_PYORK_USER variable which contains the username of the PPY user. This is also available as REMOTE_USER.

You should include a link on your page that allows users to logout of Passport York:

https://passportyork.yorku.ca/ppylogin/ppylogout

Check file permissions on your .htaccess file and directory permissions on all directories leading up to your .htaccess file.

At a minimum, your .htaccess file must be readable by the web server, which runs as user “www”:

% chmod o+r .htaccess

CAUTION: This will enable other users on the system to also read your .htaccess file.

You will also need to ensure that all directories up to your .htaccess file are accessible by the web server. For example, if your .htaccess file is /eecs/home/example/www/.htaccess:

% chmod o+x /eecs/home/example
% chmod o+x /eecs/home/example/www
  

Always be careful when using your Passport York username and password for accessing web pages. Only use it on sites that you trust.