Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Authentication Help

Posted on 2004-08-19
11
Medium Priority
?
192 Views
Last Modified: 2010-03-04
What is the best practice to authenticate my cgi scripts?

I am currently using the .htaccess file to protect my html files.

I have all of my cgi scripts in the /cgi-bin/ & would like to authenticate.
0
Comment
Question by:Cleavis
10 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 11845849
By 'authenticate', do you mean password protect?  You can use .htaccess password protection to do this - you'd add a .htaccess file to the /cgi-bin directory that required a login of a username and password prior to delivering the files...
0
 

Author Comment

by:Cleavis
ID: 11845930
Yes I do want to password protect. I am trying to use the .htaccess file. I would like to protect files individually.

I am using the following htaccess file & i have no success yet.

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846073
You need the full path to the files, not just the filename, I believe...
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:Cleavis
ID: 11846091
actually i just read an article on the httpd.conf file. i had allow override none for the cgi-bin  i changed that over to allow override all & this solves the problem.

Thanks for your help.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846122
Nope, I appear to be wrong on that one.  Instead, you'd use something like:

AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup

<Files manifest007.cgi>
require group manifest_users
</Files>

(see:

http://httpd.apache.org/docs/mod/core.html#files
)
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11846143
Post a comment in the community service section - they can make this a PAQ (previously asked question) and refund your points as you answered your own question :)
0
 

Author Comment

by:Cleavis
ID: 11846198
I was just going to ask you what i should do about these points.

If you include the the Auth information inside the <Files> tag you can refer to different password & group files for different cgi scripts.

I have many different groups within our organization accessing confidential files.  The file below is currently working. It will prompt for username & password each time i request one of these scripts.  

<Files manifest007.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manifest/.htpasswd
AuthGroupFile /security/manifest/.htgroup
require group manifest_users
deny from all
satisfy any
</Files>

<Files manifest001.cgi>
AuthName Member
AuthType Basic
AuthUserFile /security/manpower/.htpasswd
AuthGroupFile /security/manpower/.htgroup
require group web_users
deny from all
satisfy any
</Files>

0
 
LVL 15

Expert Comment

by:samri
ID: 11849751
give the pts to me :))


/ request for PAQ/Refund from CommunitySupport (http://www3.experts-exchange.com/Community_Support/).   Post a 0-pts question.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 11855927
Recommendation: PAQ - refund.
0
 
LVL 2

Accepted Solution

by:
Lunchy earned 0 total points
ID: 11885562
Closed, 500 points refunded.
Lunchy
Friendly Neighbourhood Community Support Admin
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses
Course of the Month20 days, 20 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question