?
Solved

problem: authentication using .htaccess

Posted on 2002-06-26
8
Medium Priority
?
332 Views
Last Modified: 2013-12-15
I am using Apache server and linux  redhat 7.2.

My company uses ldap to store employee info. We have a mounted directory, which has the ldap_db and also a user-passwd file which has all userid and encrypted passwords.

Now,  I want to be able to put a .htaccess file at directory level, to authenticate users before they access my site.

I tried putting a .htaccess file at my homedirectory  which looks like this:

AuthUserFile /network/ldap/user-passwords.txt
AuthName John Doe's Members-Only Area
AuthType Basic
 <Limit GET POST PUT>
 require valid-user
 </Limit>

But when I try http://localhost/~me, it does not prompt for password. I dont get any errors either, and the webpages are displayed fine.  Any idea why it does not prompt for userid/passwd?


Note:
In my LinuxGUI, System>AuthenticationConfiguration> I checked "Enable LDAP Support" and Configured LDAP to point to the correct server name and search base.
(Although I dont know if this is related to the .htaccess authentication or not)

Thank you.
0
Comment
Question by:chazhs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7111935
# never tried if it works with .htaccess, but works in httpd.conf <Location "/confidential/">

        AuthName "confidential data"
        AuthType Basic
        #
        # --- openldap
        AuthLDAPHosts "FQDN"
        AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
        AuthLDAPBindPassword password
        AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
        #
        AuthLDAPSearchScope subtree
        AuthLDAPUserKey uid
        AuthLDAPPassKey userPassword
        #
        # --- Base64 encodced
        AuthLDAPSchemePrefix off
        #
        <Limit GET POST>
        require valid-user
        </Limit>

# keep in mind that AuthType Basic transfers the password nearly plain text (simple encryption)
# Hope that you are shure you want to compromise your internal security by such a public access
0
 

Author Comment

by:chazhs
ID: 7112008
I am not clear on this answer. No idea what to substitue for any of the variables above. (sorry, Im new here)

Anyhow, I guess giving the ldap server name directly might not work for me, since I need to give access to a restricted user list sometimes. (not the whole company)
So I maintain my own list of userids and encrypted passwords.
Thanks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7112038
beside the ldap server name you need to know the base dn and the dn for an account which is allowed to query the database (or ask your LDAP admin if the database can be queried anonymous, probably not for passwords:)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:chazhs
ID: 7112163
I guess the problem is not so much ldap, but just getting .htaccess to work correctly.

I changed my .htaccess file so my AuthUserFile points to a local .htpasswd file that I just created using
htpasswd -c .htpasswd username

Still no luck, the web page gets displayed without any errors, but does not prompt for userid :(
0
 

Author Comment

by:chazhs
ID: 7112296
Note, I did try restarting webserver.

Also found this line in both httpd.conf and srm.conf
AccessFileName .htaccess
0
 

Author Comment

by:chazhs
ID: 7112298
Also Tried without the <limit> tag :)
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 400 total points
ID: 7112848
did you set AllowOverride propper in your httpd.conf?
0
 

Author Comment

by:chazhs
ID: 7114540
Yes Sir, it worked!!!
Set
 AllowOverride AuthConfig Indexes

 in my httpd.conf and it worked magically!!!

Thanks for your help!!!
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month8 days, 9 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question