Solved

Authentication Help

Posted on 2004-08-19
11
185 Views
Last Modified: 2010-03-04
What is the best practice to authenticate my cgi scripts?

I am currently using the .htaccess file to protect my html files.

I have all of my cgi scripts in the /cgi-bin/ & would like to authenticate.
0
Comment
Question by:Cleavis
11 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 11845849
By 'authenticate', do you mean password protect?  You can use .htaccess password protection to do this - you'd add a .htaccess file to the /cgi-bin directory that required a login of a username and password prior to delivering the files...
0
 

Author Comment

by:Cleavis
ID: 11845930
Yes I do want to password protect. I am trying to use the .htaccess file. I would like to protect files individually.

I am using the following htaccess file & i have no success yet.

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846073
You need the full path to the files, not just the filename, I believe...
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Cleavis
ID: 11846091
actually i just read an article on the httpd.conf file. i had allow override none for the cgi-bin  i changed that over to allow override all & this solves the problem.

Thanks for your help.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846122
Nope, I appear to be wrong on that one.  Instead, you'd use something like:

AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup

<Files manifest007.cgi>
require group manifest_users
</Files>

(see:

http://httpd.apache.org/docs/mod/core.html#files
)
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846143
Post a comment in the community service section - they can make this a PAQ (previously asked question) and refund your points as you answered your own question :)
0
 

Author Comment

by:Cleavis
ID: 11846198
I was just going to ask you what i should do about these points.

If you include the the Auth information inside the <Files> tag you can refer to different password & group files for different cgi scripts.

I have many different groups within our organization accessing confidential files.  The file below is currently working. It will prompt for username & password each time i request one of these scripts.  

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>

<Files manifest001.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manpower/.htpasswd
AuthGroupFile /security/manpower/.htgroup
require group web_users
deny from all
satisfy any
</Files>

0
 
LVL 15

Expert Comment

by:samri
ID: 11849751
give the pts to me :))


/ request for PAQ/Refund from CommunitySupport (http://www3.experts-exchange.com/Community_Support/).   Post a 0-pts question.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11855927
Recommendation: PAQ - refund.
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 11885562
Closed, 500 points refunded.
Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Redirect URL's containing question marks 5 54
Leverage Browser Caching 7 69
Virtual host in apache 31 91
phpPgAdmin problem 14 143
In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question