Solved

Authentication Help

Posted on 2004-08-19
11
188 Views
Last Modified: 2010-03-04
What is the best practice to authenticate my cgi scripts?

I am currently using the .htaccess file to protect my html files.

I have all of my cgi scripts in the /cgi-bin/ & would like to authenticate.
0
Comment
Question by:Cleavis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 11845849
By 'authenticate', do you mean password protect?  You can use .htaccess password protection to do this - you'd add a .htaccess file to the /cgi-bin directory that required a login of a username and password prior to delivering the files...
0
 

Author Comment

by:Cleavis
ID: 11845930
Yes I do want to password protect. I am trying to use the .htaccess file. I would like to protect files individually.

I am using the following htaccess file & i have no success yet.

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846073
You need the full path to the files, not just the filename, I believe...
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Cleavis
ID: 11846091
actually i just read an article on the httpd.conf file. i had allow override none for the cgi-bin  i changed that over to allow override all & this solves the problem.

Thanks for your help.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846122
Nope, I appear to be wrong on that one.  Instead, you'd use something like:

AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup

<Files manifest007.cgi>
require group manifest_users
</Files>

(see:

http://httpd.apache.org/docs/mod/core.html#files
)
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846143
Post a comment in the community service section - they can make this a PAQ (previously asked question) and refund your points as you answered your own question :)
0
 

Author Comment

by:Cleavis
ID: 11846198
I was just going to ask you what i should do about these points.

If you include the the Auth information inside the <Files> tag you can refer to different password & group files for different cgi scripts.

I have many different groups within our organization accessing confidential files.  The file below is currently working. It will prompt for username & password each time i request one of these scripts.  

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>

<Files manifest001.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manpower/.htpasswd
AuthGroupFile /security/manpower/.htgroup
require group web_users
deny from all
satisfy any
</Files>

0
 
LVL 15

Expert Comment

by:samri
ID: 11849751
give the pts to me :))


/ request for PAQ/Refund from CommunitySupport (http://www3.experts-exchange.com/Community_Support/).   Post a 0-pts question.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11855927
Recommendation: PAQ - refund.
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 11885562
Closed, 500 points refunded.
Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question