Authentication: Directories: Difference between revisions
(New page: {{Uc nav Authentication}} '''Authentication Directories (Folders)''' The previous page covered setting up four folders each with its own .htaccess file, protecting that folder and all its...) |
(No difference)
|
Revision as of 15:50, 23 April 2009
Authentication: Introduction | Preparation | Directories | Secure Directories | Groups | Single Files | Secure Single Files |
Basic Authentication |
Authentication Directories (Folders)
The previous page covered setting up four folders each with its own .htaccess file, protecting that folder and all its sub-folders. The current configuration protects each folder with a name and password. This page explores changes to the authentication directives used.
Recap Password Protecting Directories
Password protecting directories requires the following elements:
- A password file containing a list of name/password pairs for each user
root:root John:john123 Dave Smith:dave123 Mike:mike123 Jane:jane123 Dawn:dawn123 Ruth Smith:ruth123 |
File name: .htpasswd (The file can be named anything you like) |
- An .htaccess file placed in the folder requiring name/password protection it contains the following four lines
AuthName "Uniform Server - Server Access" AuthType Basic AuthUserFile /htpasswd/www/.htpasswd Require user "Dave Smith" |
AuthName: (Displayed to a user) defines a realm name of a collection |
We currently have four folders being protected each contains its own .htaccess file. These differ only in the fourth line.
Test 1
If you implemented the structure as explained on the previous page run the servers and test each folder for name password access:
- Start servers
- Type http://localhost/ use links on the page displayed to access the named folders
- Alternatively type each of these addresses:
- http://localhost/john/
- http://localhost/dave_smith/
- http://localhost/dawn/
- http://localhost/ruth_smith/
- Whichever method used you will be challenged for a name and password.
Note: Once you have logged into to all four accounts you will not be challenged again you need to restart the browser to disconnect from server and repeat any tests.
Ruth Smith has decided to allow Dave Smith access to her protected folder. To implement this all that is required is to add Dave Smith to the fourth line ofher .htacces files:
Edit file: UniServer\udrive\www\ruth_smith\.htaccess as shown:
AuthName "Uniform Server - Server Access" AuthType Basic AuthUserFile /htpasswd/www/.htpasswd Require user "Ruth Smith" "Dave Smith"
Test:
- Save file
- Restart browser
- Type http://localhost into browser
- Click link Dave Smith and log in
- Click link Ruth Smith
Result:
Dave Smith has access to two accounts his own and Ruth's. He only needs to log in once to either of the accounts inorder to access the other.
Summary
The above has shown how easy it is to setup name/password protection on any folder.
On the next page I show how to secure these folders using SSL to encrypt names, passwords and content.
Ric |