Solved

problem: authentication using .htaccess

Posted on 2002-06-26
8
316 Views
Last Modified: 2013-12-15
I am using Apache server and linux  redhat 7.2.

My company uses ldap to store employee info. We have a mounted directory, which has the ldap_db and also a user-passwd file which has all userid and encrypted passwords.

Now,  I want to be able to put a .htaccess file at directory level, to authenticate users before they access my site.

I tried putting a .htaccess file at my homedirectory  which looks like this:

AuthUserFile /network/ldap/user-passwords.txt
AuthName John Doe's Members-Only Area
AuthType Basic
 <Limit GET POST PUT>
 require valid-user
 </Limit>

But when I try http://localhost/~me, it does not prompt for password. I dont get any errors either, and the webpages are displayed fine.  Any idea why it does not prompt for userid/passwd?


Note:
In my LinuxGUI, System>AuthenticationConfiguration> I checked "Enable LDAP Support" and Configured LDAP to point to the correct server name and search base.
(Although I dont know if this is related to the .htaccess authentication or not)

Thank you.
0
Comment
Question by:chazhs
  • 5
  • 3
8 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7111935
# never tried if it works with .htaccess, but works in httpd.conf <Location "/confidential/">

        AuthName "confidential data"
        AuthType Basic
        #
        # --- openldap
        AuthLDAPHosts "FQDN"
        AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
        AuthLDAPBindPassword password
        AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
        #
        AuthLDAPSearchScope subtree
        AuthLDAPUserKey uid
        AuthLDAPPassKey userPassword
        #
        # --- Base64 encodced
        AuthLDAPSchemePrefix off
        #
        <Limit GET POST>
        require valid-user
        </Limit>

# keep in mind that AuthType Basic transfers the password nearly plain text (simple encryption)
# Hope that you are shure you want to compromise your internal security by such a public access
0
 

Author Comment

by:chazhs
ID: 7112008
I am not clear on this answer. No idea what to substitue for any of the variables above. (sorry, Im new here)

Anyhow, I guess giving the ldap server name directly might not work for me, since I need to give access to a restricted user list sometimes. (not the whole company)
So I maintain my own list of userids and encrypted passwords.
Thanks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7112038
beside the ldap server name you need to know the base dn and the dn for an account which is allowed to query the database (or ask your LDAP admin if the database can be queried anonymous, probably not for passwords:)
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:chazhs
ID: 7112163
I guess the problem is not so much ldap, but just getting .htaccess to work correctly.

I changed my .htaccess file so my AuthUserFile points to a local .htpasswd file that I just created using
htpasswd -c .htpasswd username

Still no luck, the web page gets displayed without any errors, but does not prompt for userid :(
0
 

Author Comment

by:chazhs
ID: 7112296
Note, I did try restarting webserver.

Also found this line in both httpd.conf and srm.conf
AccessFileName .htaccess
0
 

Author Comment

by:chazhs
ID: 7112298
Also Tried without the <limit> tag :)
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 100 total points
ID: 7112848
did you set AllowOverride propper in your httpd.conf?
0
 

Author Comment

by:chazhs
ID: 7114540
Yes Sir, it worked!!!
Set
 AllowOverride AuthConfig Indexes

 in my httpd.conf and it worked magically!!!

Thanks for your help!!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
su - oracle could not open session 6 95
how to rebuild XFS volume from LV 19 90
LINUX backups with VEEAM 8 119
CentOS 7 Linux for HP DL380 G4 32Bits 7 46
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question