Difference between revisions of "Require Login"

From Amahi Wiki
Jump to: navigation, search
Line 7: Line 7:
 
*The <code>htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file  will contain the code needed to use that file to protect the web application.
 
*The <code>htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file  will contain the code needed to use that file to protect the web application.
  
*To create the <code>htpasswd</code> file you can use [http://www.webmaster-toolkit.com/htaccess-generator.shtml .htaccess Generator] and copy the contents of what the "And this is what your .htpasswd file should look like..." box or use the htpasswd command.
+
*There are two methods for creating the <code>htpasswd</code> file:
 
+
# Use [http://www.webmaster-toolkit.com/htaccess-generator.shtml .htaccess Generator] and copy the contents of what the "And this is what your .htpasswd file should look like..." box
  
 +
#Use the htpasswd command:
 
{{Code|htpasswd -c .htpasswd USERNAME}}
 
{{Code|htpasswd -c .htpasswd USERNAME}}
  

Revision as of 20:44, 10 August 2011

Msgbox.update.png Update Needed
The contents of this page have become outdated or irrelevant. Please consider updating it.

Do you want to control which HDA users can access web applications. While this function does not currently exist in Amahi, it can be done quite easily by following the steps outlined below. When a user accesses the specific web application, they will be asked for a user name and password.

How to do it

  • This requires creation of two files (.htaccess and htpassword) be placed in the directory of each web application you want to protect.
  • The htpasswd file will identify user names/passwords (encrypted) and the .htaccess file will contain the code needed to use that file to protect the web application.
  • There are two methods for creating the htpasswd file:
  1. Use .htaccess Generator and copy the contents of what the "And this is what your .htpasswd file should look like..." box
  1. Use the htpasswd command:
bash code
​htpasswd -c .htpasswd USERNAME​


The file should contain lines like this:

Text
​USERNAME:3Ce3F4zRcVf42​

The file should be owned by apache:apache and have 600 permissions, so copy it over, then, as root:

bash code
​cp .htpasswd /var/hda/web-apps/htpasswd chmod 600 /var/hda/web-apps/htpasswd chown apache:apache /var/hda/web-apps/htpasswd​


If you have webmin installed

After logging into webmin select “Others” on the left-hand side, click on “Protected Web Directories” and then select “Add protection for a new directory”.

In “Directory path” browse to/or enter the path to the ‘html’ web directory you wish to protect, in “Authentication realm” enter something like for example “Authentication required” (this will show up on the popup login box) and then click on create.

Now you need to setup users to allow login by clicking on “Add a new user” in “Associated users and groups”, when users have been created you should be good to go.

Note: After you have completed this process using webmin you can then select "un-protect selected directory" and use the HDA-Dashboard to enable/disable password protection.