Changes

From Amahi Wiki
Jump to: navigation, search
2,142 bytes removed ,  02:54, 13 August 2011
no edit summary
heading =WARNING|
message = This is recommended only for advanced users, proceed with caution.}}
Would you like We have a budding feature to control which HDA users can access certain web applications? While require login to individual webapps. Note - each app may have created a corresponding webapp. It's in this function does not currently exist in Amahiwebapp that the Login Required may be selected. If selected, this settings makes it can be done quite easily by following such that the steps outlined below. When application will ask for a user accesses name and a password. Unfortunately this is no integrated yet with the rest of the specific web applicationuser/password system already in place, so for now, they will it has to be prompted for done using htaccess controls. We have decided to make these a user name global setting, i.e. the users and passwordare all the same to all the apps that require login.
== How to do it ==
*This requires creation of two files (<code>.htaccess</code> and <code>.htpasswd</code>) be placed in the directory of each web application you want to protect.
*The <code>.htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file will contain the code needed to use that file to protect the web application.
#First you need to identify the web application you want to protect and it's physical location ('''''/var/hda/web-app/appname''''') on your server. For example, the path for '''Linfo''' would be '''''/var/hda/web-app/linfo'''''.
#Next, you need to decide on the user names/passwords who will have access. This has to be the HDA users credentials that are used to log into the HDA Dashboard.
==== Create the Files ====
There are two options for creating the <code>.htpasswd</code> and <code>.htaccess</code> files:
*Option 1: Navigate to [http://www.webmaster-toolkit.com/htaccess-generator.shtml .htaccess Generator].
<blockquote>
*Enter desired Username, Password, and Path (physical location where <code>.htpasswd</code> will be stored). For example, Username '''''amahi''''', Password '''''amahi''''', and Path '''''/var/hda/web-apps/linfo'''''.
*Select the '''Generate .htaccess''' button.
*Create <code>.htacess</code> file in the web application html directory (i.e. '''''/var/hda/web-apps/linfo/html'''''). Copy the text in ''"This is what your .htaccess file should look like..."'' box and paste it into the <code>.htacess</code> file (i.e. '''''/var/hda/web-apps/linfo/html'''''). It should look similar to this:
{{Text|AuthUserFile /var/hda/web-apps/linfo/.htpasswd
AuthGroupFile /dev/null
AuthName "Password Protected Area"
AuthType Basic
<limit GET POST>
require valid-user
</limit>}}
*Next create <code>.htpasswd</code> file in then web application directory (i.e. '''''/var/hda/web-apps/linfo'''''). Copy the text from ''"And this is what your .htpasswd file should look like..."'' box and paste it into the <code>.htpasswd</code> file (i.e. '''''/var/hda/web-apps/linfo'''''). It should look similar to this:
{{Text|amahi:amb24e1pXrqFY}}
*Proceed to the '''Set the Permissions''' section to complete.
</blockquote>
*Option 2:
<blockquote>
*Perform the following steps [[Open_Terminal_as_root|as root user]] (change '''username''', '''password''', and '''appname''' as appropriate):
{{Code|htpasswd -c -b /var/hda/web-apps/appname/.htpasswd username password}}
*Add additional users, repeat the previous step ('''NOTE:''' the -c option is only needed the first time you create the file for that web application):
{{Code|htpasswd -b /var/hda/web-apps/appname/.htpasswd username password}}
*Delete a user, do the following:
{{Code|htpasswd -D /var/hda/web-apps/appname/.htpasswd username}}
*Create the <code>.htaccess</code> file in the '''''/var/hda/web-apps/appname/html''''' directory (change '''appname''' in ''AuthName'' and ''AuthUserFile'' lines; i.e. '''Linfo''' and '''linfo''' respectively):
{{Text|AuthName "appname Access"
AuthType Basic
AuthUserFile /var/hda/web-apps/appname/.htpasswd
require valid-user}}
</blockquote>
==== Set File permissionsThis requires that an htaccess file and an htpassword file be created in a place that it's accessible to the web server. To create an <code>htpasswd</code> file containing the users and passwords* you can go to a [http: ====//www.webmaster-toolkit.com/htaccess-generator.shtml public htaccess/htpasswd generator] and copy the contents of what the "And this is what your .htpasswd file should look like..." box has * Ensure or you can use the htpasswd command (first time with -c){{Code|htpasswd -c .htpasswd USERNAME}} The file should contain lines like this: USERNAME:3Ce3F4zRcVf42 The file should be owned by apache:apache and have 600 permissions are correctly set on the two files as follows (change '''appname''' , so copy it over, then, as appropriate)root: {{Code|chmod 600 cp .htpasswd /var/hda/web-apps/appname/.htpasswdchmod 600 /var/hda/web-apps/appname/html/.htaccesshtpasswdchown apache:apache /var/hda/web-apps/appname/htpasswd}} = If you have webmin installed = After logging into webmin select “Others” on the left-hand side, click on “Protected Web Directories” and then select “Add protection for a new directory”.htpasswdchown apache:users /var/hdaIn “Directory path” browse to/or enter the path to the ‘html’ web-apps/appname/html/directory you wish to protect, in “Authentication realm” enter something like for example “Authentication required” (this will show up on the popup login box) and then click on create.htaccess}}
* That's all there is Now you need to setup users to it. Now when allow login by clicking on “Add a HDA user accesses the web applicationnew user” in “Associated users and groups”, they will be greeted with a pop windows asking for user name and password. If when users have been created you uninstall the app, the <code>.htpasswd</code> and <code>.htaccess</code> files will should be removed as wellgood to go.
==== Future Considerations ====* Add a share to hold all .htpasswd files. Rename .htpasswd to .appname in order to keep them separate.* Locate a web application Note: After you have completed this process using webmin you can then select "un-protect selected directory" and use the HDA-Dashboard to createenable/manage .htpasswd files (DirectoryPass or htaccess generator)* Integrate with Amahi Dashboard to do all this via GUIdisable password protection.
12,424

edits