|
WARNING
|
This is recommended only for advanced users, proceed with caution.
|
Would you like to control which HDA users can access certain web applications? While this function does not currently exist in Amahi, it can be done quite easily by following the steps outlined below. When a user accesses the specific web application, they will be prompted for a user name and password.
How to do it
- This requires creation of two files (
.htaccess
and .htpasswd
) be placed in the directory of each web application you want to protect.
- The
.htpasswd
file will identify user names/passwords (encrypted) and the .htaccess
file will contain the code needed to use that file to protect the web application.
- First you need to identify the web application you want to protect and it's physical location (/var/hda/web-app/appname) on your server. For example, the path for Linfo would be /var/hda/web-app/linfo.
- Next, you need to decide on the user names/passwords who will have access. This has to be the HDA users credentials that are used to log into the HDA Dashboard.
Create the Files
There are two options for creating the .htpasswd
and .htaccess
files:
- Enter desired Username, Password, and Path (physical location where
.htpasswd
will be stored). For example, Username amahi, Password amahi, and Path /var/hda/web-apps/linfo.
- Select the Generate .htaccess button.
- Create
.htacess
file in the web application html directory (i.e. /var/hda/web-apps/linfo/html). Copy the text in "This is what your .htaccess file should look like..." box and paste it into the .htacess
file (i.e. /var/hda/web-apps/linfo/html). It should look similar to this:
Text
|
AuthUserFile /var/hda/web-apps/linfo/.htpasswd AuthGroupFile /dev/null AuthName "Password Protected Area" AuthType Basic <limit GET POST> require valid-user </limit>
|
- Next create
.htpasswd
file in then web application directory (i.e. /var/hda/web-apps/linfo). Copy the text from "And this is what your .htpasswd file should look like..." box and paste it into the .htpasswd
file (i.e. /var/hda/web-apps/linfo). It should look similar to this:
Text
|
amahi:amb24e1pXrqFY
|
- Proceed to the Set the Permissions section to complete.
- Perform the following steps as root user (change username, password, and appname as appropriate):
bash code
|
htpasswd -c -b /var/hda/web-apps/appname/.htpasswd username password
|
- Add additional users, repeat the previous step (NOTE: the -c option is only needed the first time you create the file for that web application):
bash code
|
htpasswd -b /var/hda/web-apps/appname/.htpasswd username password
|
- Delete a user, do the following:
bash code
|
htpasswd -D /var/hda/web-apps/appname/.htpasswd username
|
- Create the
.htaccess
file in the /var/hda/web-apps/appname/html directory (change appname in AuthName and AuthUserFile lines; i.e. Linfo and linfo respectively):
Text
|
AuthName "appname Access" AuthType Basic AuthUserFile /var/hda/web-apps/appname/htpasswd require valid-user
|
Set File permissions:
- Ensure the permissions are correctly set on the two files as follows (change appname as appropriate):
bash code
|
chmod 600 /var/hda/web-apps/appname/.htpasswd chmod 600 /var/hda/web-apps/appname/html/.htaccess chown apache:apache /var/hda/web-apps/appname/.htpasswd chown apache:users /var/hda/web-apps/appname/html/.htaccess
|
- That's all there is to it. Now when a HDA user accesses the web application, they will be greeted with a pop windows asking for user name and password.
Future Considerations
- Add a share to hold all .htpasswd files. Rename .htpasswd to .appname in order to keep them separate.
- Create a web application to create/manage .htpasswd files.
- Integrate with Amahi Dashboard to do all this via GUI.