Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

problem: authentication using .htaccess

Posted on 2002-06-26
8
Medium Priority
?
337 Views
Last Modified: 2013-12-15
I am using Apache server and linux  redhat 7.2.

My company uses ldap to store employee info. We have a mounted directory, which has the ldap_db and also a user-passwd file which has all userid and encrypted passwords.

Now,  I want to be able to put a .htaccess file at directory level, to authenticate users before they access my site.

I tried putting a .htaccess file at my homedirectory  which looks like this:

AuthUserFile /network/ldap/user-passwords.txt
AuthName John Doe's Members-Only Area
AuthType Basic
 <Limit GET POST PUT>
 require valid-user
 </Limit>

But when I try http://localhost/~me, it does not prompt for password. I dont get any errors either, and the webpages are displayed fine.  Any idea why it does not prompt for userid/passwd?


Note:
In my LinuxGUI, System>AuthenticationConfiguration> I checked "Enable LDAP Support" and Configured LDAP to point to the correct server name and search base.
(Although I dont know if this is related to the .htaccess authentication or not)

Thank you.
0
Comment
Question by:chazhs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7111935
# never tried if it works with .htaccess, but works in httpd.conf <Location "/confidential/">

        AuthName "confidential data"
        AuthType Basic
        #
        # --- openldap
        AuthLDAPHosts "FQDN"
        AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
        AuthLDAPBindPassword password
        AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
        #
        AuthLDAPSearchScope subtree
        AuthLDAPUserKey uid
        AuthLDAPPassKey userPassword
        #
        # --- Base64 encodced
        AuthLDAPSchemePrefix off
        #
        <Limit GET POST>
        require valid-user
        </Limit>

# keep in mind that AuthType Basic transfers the password nearly plain text (simple encryption)
# Hope that you are shure you want to compromise your internal security by such a public access
0
 

Author Comment

by:chazhs
ID: 7112008
I am not clear on this answer. No idea what to substitue for any of the variables above. (sorry, Im new here)

Anyhow, I guess giving the ldap server name directly might not work for me, since I need to give access to a restricted user list sometimes. (not the whole company)
So I maintain my own list of userids and encrypted passwords.
Thanks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7112038
beside the ldap server name you need to know the base dn and the dn for an account which is allowed to query the database (or ask your LDAP admin if the database can be queried anonymous, probably not for passwords:)
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:chazhs
ID: 7112163
I guess the problem is not so much ldap, but just getting .htaccess to work correctly.

I changed my .htaccess file so my AuthUserFile points to a local .htpasswd file that I just created using
htpasswd -c .htpasswd username

Still no luck, the web page gets displayed without any errors, but does not prompt for userid :(
0
 

Author Comment

by:chazhs
ID: 7112296
Note, I did try restarting webserver.

Also found this line in both httpd.conf and srm.conf
AccessFileName .htaccess
0
 

Author Comment

by:chazhs
ID: 7112298
Also Tried without the <limit> tag :)
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 400 total points
ID: 7112848
did you set AllowOverride propper in your httpd.conf?
0
 

Author Comment

by:chazhs
ID: 7114540
Yes Sir, it worked!!!
Set
 AllowOverride AuthConfig Indexes

 in my httpd.conf and it worked magically!!!

Thanks for your help!!!
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question