A Simple User Management System
In this example, we will present a simple web-based user account management system. This system consists of the following parts:
A user authorization file that lists the authorized users. In this example, the file is kept in
/etc/users.simple
.A directory that contains documents that the authorized users are allowed to access. In this example, the directory is
/usr/local/etc/httpd/htdocs/simple
. The matching URL for the directory ishttp://www.ex.com/simple.
A directory that contains the CGI scripts that are used to manage the user accounts. In this example, the directory is
/usr/local/etc/httpd/cgi-bin/simple
. The matching URL for this directory ishttp://www.ex.com/cgi-bin/simple
.A script that adds new users to the system. It can only be run by the user administrator.
A script that allows users to change their passwords.
One problem with simple password-based authentication on many web servers is that the password file must be readable by the web server’s effective UID. Most site administrators have solved this problem by making the password file world-readable, which obviously leads to problems if anyone other than the system administrator has or can get access to the computer. A better approach is to set the file permissions on the password file so that it can only be read by the web server users or group, as we do here.
The next section contains step-by-step instructions for setting up this system on a computer running the UNIX operating system with ...
Get Web Security and Commerce now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.