Solved

problem: authentication using .htaccess

Posted on 2002-06-26
8
309 Views
Last Modified: 2013-12-15
I am using Apache server and linux  redhat 7.2.

My company uses ldap to store employee info. We have a mounted directory, which has the ldap_db and also a user-passwd file which has all userid and encrypted passwords.

Now,  I want to be able to put a .htaccess file at directory level, to authenticate users before they access my site.

I tried putting a .htaccess file at my homedirectory  which looks like this:

AuthUserFile /network/ldap/user-passwords.txt
AuthName John Doe's Members-Only Area
AuthType Basic
 <Limit GET POST PUT>
 require valid-user
 </Limit>

But when I try http://localhost/~me, it does not prompt for password. I dont get any errors either, and the webpages are displayed fine.  Any idea why it does not prompt for userid/passwd?


Note:
In my LinuxGUI, System>AuthenticationConfiguration> I checked "Enable LDAP Support" and Configured LDAP to point to the correct server name and search base.
(Although I dont know if this is related to the .htaccess authentication or not)

Thank you.
0
Comment
Question by:chazhs
  • 5
  • 3
8 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7111935
# never tried if it works with .htaccess, but works in httpd.conf <Location "/confidential/">

        AuthName "confidential data"
        AuthType Basic
        #
        # --- openldap
        AuthLDAPHosts "FQDN"
        AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
        AuthLDAPBindPassword password
        AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
        #
        AuthLDAPSearchScope subtree
        AuthLDAPUserKey uid
        AuthLDAPPassKey userPassword
        #
        # --- Base64 encodced
        AuthLDAPSchemePrefix off
        #
        <Limit GET POST>
        require valid-user
        </Limit>

# keep in mind that AuthType Basic transfers the password nearly plain text (simple encryption)
# Hope that you are shure you want to compromise your internal security by such a public access
0
 

Author Comment

by:chazhs
ID: 7112008
I am not clear on this answer. No idea what to substitue for any of the variables above. (sorry, Im new here)

Anyhow, I guess giving the ldap server name directly might not work for me, since I need to give access to a restricted user list sometimes. (not the whole company)
So I maintain my own list of userids and encrypted passwords.
Thanks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7112038
beside the ldap server name you need to know the base dn and the dn for an account which is allowed to query the database (or ask your LDAP admin if the database can be queried anonymous, probably not for passwords:)
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:chazhs
ID: 7112163
I guess the problem is not so much ldap, but just getting .htaccess to work correctly.

I changed my .htaccess file so my AuthUserFile points to a local .htpasswd file that I just created using
htpasswd -c .htpasswd username

Still no luck, the web page gets displayed without any errors, but does not prompt for userid :(
0
 

Author Comment

by:chazhs
ID: 7112296
Note, I did try restarting webserver.

Also found this line in both httpd.conf and srm.conf
AccessFileName .htaccess
0
 

Author Comment

by:chazhs
ID: 7112298
Also Tried without the <limit> tag :)
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 100 total points
ID: 7112848
did you set AllowOverride propper in your httpd.conf?
0
 

Author Comment

by:chazhs
ID: 7114540
Yes Sir, it worked!!!
Set
 AllowOverride AuthConfig Indexes

 in my httpd.conf and it worked magically!!!

Thanks for your help!!!
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Choosing CentOS 16 82
Help on running oracle SQL script in linux 3 50
winscp 000webhost.com 6 54
linux 13 50
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question