Difference between revisions of "Require Login"

From Amahi Wiki
Jump to: navigation, search
Line 6: Line 6:
 
*The <code>htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file  will contain the code needed to use that file to protect the web application.
 
*The <code>htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file  will contain the code needed to use that file to protect the web application.
 
#First you need to identify the web application you want to protect and it's physical location (<code>/var/hda/web-app/appname</code>) on your server.  For example, the path for '''Linfo''' would be <u>'''/var/hda/web-app/linfo'''</u>.
 
#First you need to identify the web application you want to protect and it's physical location (<code>/var/hda/web-app/appname</code>) on your server.  For example, the path for '''Linfo''' would be <u>'''/var/hda/web-app/linfo'''</u>.
#Next, you need to decide on the user names/passwords who will have access.  This has to be the HDA users credentials that are used to log into the HDA Dashboard.
+
#Next, you need to decide on the user names/passwords who will have access.  This has to be the HDA users credentials that are used to log into the HDA Dashboard.
  
 
*There are two options for creating the <code>htpasswd</code> and <code>.htaccess</code> files:
 
*There are two options for creating the <code>htpasswd</code> and <code>.htaccess</code> files:
Line 13: Line 13:
 
{{Code|htpasswd -c .htpasswd USERNAME}}
 
{{Code|htpasswd -c .htpasswd USERNAME}}
  
The file should contain lines like this:  
+
The <code>htpassword</code>file should look similar to this:  
{{Text|USERNAME:3Ce3F4zRcVf42}}
+
{{Text|username:3Ce3F4zRcVf42}}
  
 
The file should be owned by apache:apache and have 600 permissions, so copy it over, then, as root:
 
The file should be owned by apache:apache and have 600 permissions, so copy it over, then, as root:

Revision as of 21:03, 10 August 2011

Msgbox.update.png Update Needed
The contents of this page have become outdated or irrelevant. Please consider updating it.

Do you want to control which HDA users can access web applications. While this function does not currently exist in Amahi, it can be done quite easily by following the steps outlined below. When a user accesses the specific web application, they will be asked for a user name and password.

How to do it

  • This requires creation of two files (.htaccess and htpassword) be placed in the directory of each web application you want to protect.
  • The htpasswd file will identify user names/passwords (encrypted) and the .htaccess file will contain the code needed to use that file to protect the web application.
  1. First you need to identify the web application you want to protect and it's physical location (/var/hda/web-app/appname) on your server. For example, the path for Linfo would be /var/hda/web-app/linfo.
  2. Next, you need to decide on the user names/passwords who will have access. This has to be the HDA users credentials that are used to log into the HDA Dashboard.
  • There are two options for creating the htpasswd and .htaccess files:
  1. Navigate to .htaccess Generator.
  2. Use the htpasswd command:
bash code
​htpasswd -c .htpasswd USERNAME​


The htpasswordfile should look similar to this:

Text
​username:3Ce3F4zRcVf42​

The file should be owned by apache:apache and have 600 permissions, so copy it over, then, as root:

bash code
​cp .htpasswd /var/hda/web-apps/htpasswd chmod 600 /var/hda/web-apps/htpasswd chown apache:apache /var/hda/web-apps/htpasswd​