Basic Authentication for Apache
To implemented shared-account authentication in Apache, start by creating a user account and assigning a password to that account. You can do that with the htpasswd tool, like this:
htpasswd -c subscribers subscriber
This command prompts for a password and when you supply one, it
creates a file called subscribers containing a
single record for a user named subscriber, along
with an encrypted version of the password you type in.
To control access to all the files in a directory, you need to
associate the user account with a web subtree. In Apache, you do that in
the server’s configuration file (either
access.conf or the master file
httpd.conf ) like this:
<Directory /web/Docbase/ProductAnalysis/docs> AuthType Basic AuthName subscribers AuthUserFile /secure/subscribers require user valid-user </Directory>
Group Authentication in Apache
You can define a group of subscribers by listing names in a file, like this:
subscribers: ed joe sharon
If that group definition is stored in the file
/secure/groups
, you can use the following configuration directives to permit only
group members:
<Directory /web/Docbase/ProductAnalysis/docs> AuthType Basic AuthName subscribers AuthUserFile /secure/subscribers AuthGroupFile /secure/groups require group subscribers </Directory>
In this case, you have to define the group in
/secure/groups and also list all the individual
subscribers and their passwords in
/secure/subscribers
.
Managing Larger Groups in Apache
If there are ...