[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Authentication Help

Posted on 2004-08-19
11
Medium Priority
?
190 Views
Last Modified: 2010-03-04
What is the best practice to authenticate my cgi scripts?

I am currently using the .htaccess file to protect my html files.

I have all of my cgi scripts in the /cgi-bin/ & would like to authenticate.
0
Comment
Question by:Cleavis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 11845849
By 'authenticate', do you mean password protect?  You can use .htaccess password protection to do this - you'd add a .htaccess file to the /cgi-bin directory that required a login of a username and password prior to delivering the files...
0
 

Author Comment

by:Cleavis
ID: 11845930
Yes I do want to password protect. I am trying to use the .htaccess file. I would like to protect files individually.

I am using the following htaccess file & i have no success yet.

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846073
You need the full path to the files, not just the filename, I believe...
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:Cleavis
ID: 11846091
actually i just read an article on the httpd.conf file. i had allow override none for the cgi-bin  i changed that over to allow override all & this solves the problem.

Thanks for your help.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846122
Nope, I appear to be wrong on that one.  Instead, you'd use something like:

AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup

<Files manifest007.cgi>
require group manifest_users
</Files>

(see:

http://httpd.apache.org/docs/mod/core.html#files
)
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846143
Post a comment in the community service section - they can make this a PAQ (previously asked question) and refund your points as you answered your own question :)
0
 

Author Comment

by:Cleavis
ID: 11846198
I was just going to ask you what i should do about these points.

If you include the the Auth information inside the <Files> tag you can refer to different password & group files for different cgi scripts.

I have many different groups within our organization accessing confidential files.  The file below is currently working. It will prompt for username & password each time i request one of these scripts.  

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>

<Files manifest001.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manpower/.htpasswd
AuthGroupFile /security/manpower/.htgroup
require group web_users
deny from all
satisfy any
</Files>

0
 
LVL 15

Expert Comment

by:samri
ID: 11849751
give the pts to me :))


/ request for PAQ/Refund from CommunitySupport (http://www3.experts-exchange.com/Community_Support/).   Post a 0-pts question.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11855927
Recommendation: PAQ - refund.
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 11885562
Closed, 500 points refunded.
Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses
Course of the Month14 days, 8 hours left to enroll

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question