apache .htaccess linux user authentication
FedoraForum.org - Fedora Support Forums and Community
Results 1 to 9 of 9
  1. #1
    Join Date
    Jan 2007
    Posts
    95
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    apache .htaccess linux user authentication

    Hi, I have a web server with sevral users in the group ftp. they have the ability to ftp into their home directories. In apache how to I set .htaccess to allow the Linux user group ftp to be allowed to view a protected web directory?

    Thanks.

  2. #2
    Join Date
    Jan 2007
    Posts
    95
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Bump

    Anybody? Is this even possible? I found this but don't understand it.
    http://www.washington.edu/webinfo/ht.../weblogin.html

  3. #3
    Join Date
    Jul 2007
    Location
    Virginia
    Posts
    252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Lanrat,

    Here is what you can do with Apache to require a password to enter a directory. Do the following as root.

    1. Edit the configuration file for the site, (located in /etc/httpd/conf.d/ or /etc/httpd/conf/httpd.conf) and add/modify the AllowOverride directive for the directory or site that you want passwords for so that it reads:
    Code:
    AllowOverrides AuthConfig
    2. Go the to directory for the site that you want to secure and make/edit the .htaccess file for that directory/site:
    Code:
    AuthName               "LanRat's Secrets"
    AuthType                basic
    AuthUserFile            /var/www/.htpasswd
    require                 valid-user
    Take note of the location of of the AuthUserFile. It can be anywhere, but you may not want it inside of any folder that apache serves content from.


    3. Run the following commands. The first one creates the .htpasswd file. The second one should be run for each user that needs access to the site/directory (substitute lanrat for each user's name). The -m specifies to use MD5 passwords.
    Code:
    htpasswd -c /var/www/.htpasswd
    htpasswd -m /var/www/.htpasswd lanrat
    4. Restart apache and give it a try. You should be prompted with a window asking for username and password.

    Good Luck!

  4. #4
    Join Date
    Jan 2007
    Posts
    95
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I know how to do that. What I wanted to do was Linux user authentication. So that all users who belonged to a certain group could be able to log in. and any changed to the Linux user would reflect on this.

    Thanks.

  5. #5
    Join Date
    Jul 2007
    Location
    Virginia
    Posts
    252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK - here you go.

    1. Disable SELinux. For some reason, I could not get this to work with the tragetted policy being enforced. Once I turned it off everything worked.
    2. Ensure that the mod_auth_shadow and mod_auth_pam modules are installed. I had to add in the line for mod_auth_shadow.
    Code:
    LoadModule auth_shadow_module modules/mod_auth_shadow.so
    3. edit .htaccess to look like this:
    Code:
    AuthName "Restricted" 
    AuthType Basic
    AuthPAM_Enabled on
    AuthShadow on
    #require valid-user
    require group ftp
    4. Restart Apache. Apache will complain about it when you restart stating that it is already loaded, but if you don't load it, then this will not work.
    Code:
    Starting httpd: [Thu Jan 10 18:45:57 2008] [warn] module auth_shadow_module is 
    already loaded, skipping
                                                               [  OK  ]
    AuthShadow causes a program called validate to execute as suid and check /etc/shadow for authentication. AuthPAM is also needed otherwise you will have PAM errors generated by AuthShadow.

    The .htpasswd file is not needed and can be deleted. Use require valid-user to authenticate any valid system user.

  6. #6
    Join Date
    Jan 2007
    Posts
    95
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you!

    It works perfectly.

  7. #7
    krolaw Guest

    Saved my sanity

    Thank you, thank you, thank you. You have saved my bacon and sanity.

    Why I couldn't find this on google - maybe these keywords will help

    Fedora 8
    mod_auth_pam
    mod_auth_shadow

  8. #8
    mdit Guest
    hello
    I use fedora 9 and I want use mod_auth_pam and I install mod_auth_pam but
    when i restart apache show fallowing message what should I do ? help me.



    Starting httpd: [Mon Sep 01 00:24:34 2008] [warn] module auth_pam_module is already loaded, skipping

  9. #9
    mdit Guest
    hello
    excuse me I have another question . I use apache 2.2.9 in fedora 9
    and I want use mod_auth_pam but I want when it need username and password it use
    /etc/shadow what shoud i do?

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •