A Simple User Management System
In this example, we will present a simple web-based user account management system. This system consists of the following parts:
A user authorization file that lists the authorized users. In this example, the file is kept in
/etc/users.simple.A directory that contains documents that the authorized users are allowed to access. In this example, the directory is
/usr/local/etc/httpd/htdocs/simple. The matching URL for the directory ishttp://www.ex.com/simple.A directory that contains the CGI scripts that are used to manage the user accounts. In this example, the directory is
/usr/local/etc/httpd/cgi-bin/simple. The matching URL for this directory ishttp://www.ex.com/cgi-bin/simple.A script that adds new users to the system. It can only be run by the user administrator.
A script that allows users to change their passwords.
One problem with simple password-based authentication on many web servers is that the password file must be readable by the web server’s effective UID. Most site administrators have solved this problem by making the password file world-readable, which obviously leads to problems if anyone other than the system administrator has or can get access to the computer. A better approach is to set the file permissions on the password file so that it can only be read by the web server users or group, as we do here.
The next section contains step-by-step instructions for setting up this system on a computer running the UNIX operating system with ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access