Apache Access Controls


LBJ - a Friend in Deed

I finally got around to fooling with Apache access controls. There are many ways to do this, but I think we have something simple...

On www.schnitzer.net, there are two new files, ".htpasswd" and ".htgroup". The .htpasswd file contains a list of usernames and passwords. The .htgroup file is currently empty, but it can be used to create groups as you like.

I initially populated .htpasswd with a few users. The format us "userassword" and the passwords are encrypted. In order to generate the encrypted passwords, you could get a Windows version of the htpasswd program, or just use one of the numerous web-based tools. For example, http://home.flash.net/cgi-bin/pw.pl will encrypt a password for you. (Google for "htpasswd generator" and you'll see there are many.)

Now... in each directory where you want to control access, you create a file called ".htaccess". In this file, you can put Apache directives related to access controls. For example:

Require user dana means that the user "dana" is required for access to any of the files in that directory, or any directory below that one. The format for the access controls is:

Require user userid [userid] ...

Only the named users can access the resource.

Require group group-name [group-name] ...

Only users in the named groups can access the resource.

Require valid-user

All valid users can access the resource.

You can also use the directive:

AuthName "string"

where "string" will be displayed by the browser when requesting access to the resource.

If you want to create groups, just populate the .htgroup file. The format is:

Each line of the group file contains a groupname followed by a colon, followed by the member usernames separated by spaces.

Example:

mygroup: bob joe anne

Hopefully this will work for you, let me know how it goes.

lew

LBJ - a Friend in Deed