https://wiki.uniformserver.com/index.php?title=Authentication:_Secure_Single_Files&feed=atom&action=historyAuthentication: Secure Single Files - Revision history2024-03-28T10:24:44ZRevision history for this page on the wikiMediaWiki 1.41.0https://wiki.uniformserver.com/index.php?title=Authentication:_Secure_Single_Files&diff=3730&oldid=prevRic: /* Summary */2009-04-23T15:59:54Z<p><span dir="auto"><span class="autocomment">Summary</span></span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 15:59, 23 April 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l248">Line 248:</td>
<td colspan="2" class="diff-lineno">Line 248:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{|</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{|</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Image:uc_small_logo.gif]] || [[User:<del style="font-weight: bold; text-decoration: none;">WikiSysop</del>|Ric]]</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Image:uc_small_logo.gif]] || [[User:<ins style="font-weight: bold; text-decoration: none;">Ric</ins>|Ric]]</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: Uniform Server 4.0-Mona]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: Uniform Server 4.0-Mona]]</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: UniCenter]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: UniCenter]]</div></td></tr>
</table>Richttps://wiki.uniformserver.com/index.php?title=Authentication:_Secure_Single_Files&diff=3723&oldid=prevRic: New page: {{Uc nav Authentication}} '''Authentication - Single Files''' There are occasions when you would like to password protect one or two files. Using basic authentication makes this relativel...2009-04-23T15:53:55Z<p>New page: {{Uc nav Authentication}} '''Authentication - Single Files''' There are occasions when you would like to password protect one or two files. Using basic authentication makes this relativel...</p>
<p><b>New page</b></p><div>{{Uc nav Authentication}}<br />
'''Authentication - Single Files'''<br />
<br />
There are occasions when you would like to password protect one or two files. Using basic authentication makes this relatively easy.<br />
<br />
This page provides a few examples.<br />
<br />
== Preparation ==<br />
Add name/password pairs to your password file, I currently have the following:<br />
<br />
Edit file: UniServer\udrive\htpasswd\www\'''.htpasswd''' add new users as required<br />
<pre><br />
root:root<br />
John:john123<br />
Dave Smith:dave123<br />
Mike:mike123<br />
Jane:jane123<br />
Dawn:dawn123<br />
Ruth Smith:ruth123<br />
</pre><br />
<br />
'''''Note 1'':''' Delete the first entry '''root:root''' (everyone knows this) I use it for testing<br />
<br />
'''''[[#top | Top]]'''''<br />
== Basic format ==<br />
To protect a file you require the following blocks in file UniServer\udrive\www\'''.htaccess''' <br />
{|<br />
|-<br />
|<br />
<pre><br />
AuthName "Uniform Server - Server Access"<br />
AuthType Basic<br />
AuthUserFile /htpasswd/www/.htpasswd<br />
AuthGroupFile /htpasswd/www/.htgroup<br />
</pre><br />
|<br />
'''''Set-up Basic Authentication'''''<br><br />
This is the first block it sets-up basic Authentication<br><br />
If you are not using groups delete the last line.<br><br />
You do not then require a [[Authentication: Groups#Groups File|groups file]].<br />
|}<br />
{|<br />
|-<br />
|<br />
<pre><br />
<Files {file name}><br />
Require {valid-user or user and or group}<br />
</Files><br />
</pre><br />
|<br />
'''''Files block for each file you wish to protect'''''<br><br />
Specify a file. Note: Its name must be unique (see [[#Test 1|image example test]] as to why).<br><br />
'''Require''' functions in the same way as covered for folders<br />
|}<br />
'''''[[#top | Top]]'''''<br />
<br />
== Example 1 ==<br />
Create the following test pages:<br />
<br />
=== Preparation ===<br />
*Create a new text file named '''demo1.html''' in folder UniServer\udrive\'''www''' with the following content<br />
<pre><br />
<html><head><title>Demo 1</title></head><br />
<body><br />
<h1>Demo 1</h1><br />
</body></html><br />
</pre><br />
*Create a new sub-folder in UniServer\udrive\'''www''' named '''demo2'''<br><br />
*Copy file UniServer\udrive\www\images\'''logo.jpg''' to folder UniServer\udrive\www\'''demo2'''<br />
*Create a new text file named '''demo2.html''' in folder UniServer\udrive\www\'''demo2''' with the following content<br />
<pre><br />
<html><head><title>Demo 2</title></head><br />
<body><br />
<h1>Demo 2</h1><br />
</body></html><br />
</pre><br />
The above provides two html files and one image to protect.<br />
<br />
=== Define Files block ===<br />
'''''Page demo1.html'''''<br />
{|<br />
|-<br />
|<br />
<pre><br />
<Files demo1.html><br />
Require user root<br />
</Files><br />
</pre><br />
|<br />
Name of file to protect<br><br />
User root allowed access <br />
|}<br />
<br />
'''''Page demo2.html'''''<br />
{|<br />
|-<br />
|<br />
<pre><br />
<Files demo2.html><br />
Require user "Dave Smith" <br />
</Files><br />
</pre><br />
|<br />
Name of file to protect<br><br />
User Dave Smith allowed access. The name contains a space hence must be enclosed in quotes <br />
|}<br />
'''''Image logo.jpg'''''<br />
{|<br />
|-<br />
|<br />
<pre><br />
<Files logo.jpg><br />
Require user John Dawn<br />
</Files><br />
</pre><br />
|<br />
Name of file to protect<br><br />
Two users John and Dawn are allowed to access this image<br />
|}<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
=== Edit .htaccess ===<br />
Add the following blocks to file UniServer\udrive\www\'''.htaccess'''<br />
<br />
The complete authentication block should look like this (delete any extra linesin the block)<br />
<pre><br />
#--<br />
# Activate this to use the Private Server Feature!<br />
#--<br />
# To lock server, uncomment the next 4 lines.<br />
# Defaults: Username - root; Password - root<br />
<br />
AuthName "Uniform Server - Server Access"<br />
AuthType Basic<br />
AuthUserFile /htpasswd/www/.htpasswd<br />
<br />
<Files demo1.html><br />
Require user root<br />
</Files><br />
<br />
<Files demo2.html><br />
Require user "Dave Smith"<br />
</Files><br />
<br />
<Files logo.jpg><br />
Require user John Dawn <br />
</Files><br />
</pre><br />
<br />
'''''[[#top | Top]]'''''<br />
== Tests ==<br />
<br />
=== Test 1 ===<br />
* Run servers<br />
* Restart browser<br />
* Type '''<nowiki>http://localhost/index.php</nowiki>''' into browser - You will be challenge for a name and password. - click '''cancel'''<br />
* Type '''<nowiki>http://localhost:81/demo2/logo.jpg</nowiki>''' again you will be challenge for a name and password.<br />
* Enter either '''John john123''' or '''Dawn dawn123''' to view the image<br />
<br />
'''''[[#top | Top]]'''''<br />
=== Undesirable side-effect ===<br />
Generally speaking the location of a fie makes it unique edit the file in one location and the other version in a different location is not changed.<br />
<br />
However the .htaccess file does not make this distinction, being placed in the web-root it is protecting the current folder and all sub-folders. Any file that matches the '''name''' set in the '''Files''' directive is protected by the '''Require''' line.<br />
<br />
This can cause some undesirable side-effects for example if you are hosting many sites with different logos with the name '''logo.jpg''' all logo.jpg are protected. Hence a user will be prompted for a name and password before the logo can be displayed.<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
=== Solution ===<br />
Solution is simple create a sub-folder and copy all unique files to be protected into it. Create a new .htaacess and place all associated directives in this file. Remove the directives from the web-root .htaccess file.<br />
<br />
Using our example files<br />
<br />
* Copy .htaccess from www into folder '''demo2'''<br />
* Move file '''demo1.html''' to folder '''demo2''' <br />
* Remove this section from file www\'''.htaccess'''<br />
<pre><br />
#--<br />
# Activate this to use the Private Server Feature!<br />
#--<br />
# To lock server, uncomment the next 4 lines.<br />
# Defaults: Username - root; Password - root<br />
<br />
AuthName "Uniform Server - Server Access"<br />
AuthType Basic<br />
AuthUserFile /htpasswd/www/.htpasswd<br />
<br />
<Files demo1.html><br />
Require user root<br />
</Files><br />
<br />
<Files demo2.html><br />
Require user "Dave Smith"<br />
</Files><br />
<br />
<Files logo.jpg><br />
Require user John Dawn <br />
</Files><br />
</pre><br />
* Delete everything in file www\demo2\'''.htaccess''' with the exception of this block:<br />
<pre><br />
AuthName "Uniform Server - Server Access"<br />
AuthType Basic<br />
AuthUserFile /htpasswd/www/.htpasswd<br />
<br />
<Files demo1.html><br />
Require user root<br />
</Files><br />
<br />
<Files demo2.html><br />
Require user "Dave Smith"<br />
</Files><br />
<br />
<Files logo.jpg><br />
Require user John Dawn <br />
</Files><br />
</pre><br />
Having isolated the files effectively makes them unique and can be targeted specifically <br />
<br />
'''''[[#top | Top]]'''''<br />
=== Test 2 ===<br />
Run the following tests:<br />
* Run servers<br />
* Restart browser<br />
* Type '''<nowiki>http://localhost/index.php</nowiki>''' into browser - You will not be challenge for a name and password.<br />
* Type '''<nowiki>http://localhost/demo2/logo.jpg</nowiki>''' You will be challenge for a name and password.<br />
** Enter either '''John john123''' or '''Dawn dawn123''' to view the image<br />
* Type '''<nowiki>http://localhost/demo1.html</nowiki>''' When challenged enter '''root root''' <br />
* Type '''<nowiki>http://localhost/demo2/demo2.html</nowiki>''' When challenged enter '''Dave Smith dave123''' <br />
We are not protecting the folder but individual files.<br />
<br />
'''''Note'':''' If you with to repeat the tests remember to restart your browser. <br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
== Summary ==<br />
Protecting individual files is easy each new file requiring only a small section of code.<br />
<br />
If running an Intranet you probably don’t need to use encryption however if the content is sensitive data it needs to be secured.<br />
<br />
On the [[Authentication: Secure Single Files| '''next page''']] I cover single file encryption.<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
----<br />
<br />
{|<br />
| [[Image:uc_small_logo.gif]] || [[User:WikiSysop|Ric]]<br />
|}<br />
<br />
[[Category: Uniform Server 4.0-Mona]]<br />
[[Category: UniCenter]]</div>Ric