{{NeedsUpdateMessageBox|backgroundcolor = #faa|image =Warning.png|heading =WARNING|message = This is recommended only for advanced users, proceed with caution.}}Do you want to control which HDA users can access <div style="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;">'''NOTE:''' The one-click [https://www.amahi.org/apps/web applications. While -apps Web Apps] will provide this function does not currently exist capability in Amahi, it can be done quite easily by following the steps outlined below. When a user accesses the specific web application, they will be asked for a user name and password7 or greater.</div>

*The <code>htpasswd</code> file Would you like to control which HDA users can access certain web applications? This can be easily done in Amahi 6. To use this function, select the web apps section in the apps tab. Expand the desired app and select the '''Require login''' check box. If selected, this settings makes it such that the application will identify ask for a user names/passwords (encrypted) name and a password. The perform the steps below to create the <code>.htaccesshtpasswd</code> file will contain the code needed to use that file to protect the web application.

* Next'''NOTE:''' This is a global setting at the moment, you need i.e. the users and password are all the same to decide on all the user names/passwords who will apps that have access'''Require login''' selected. This has to be the HDA users credentials that are used to log into the HDA Dashboardfeature <u>IS NOT</u> compatible with [[Secure_App_Access|Access Web Apps over SSL]].

*There are two options for creating == How to do it ==This requires creation of the <code>htpasswd</code> and be placed in the '''''/var/hda/web-apps''''' directory. The <code>.htaccesshtpasswd</code> files:*# Method 1:*#* Navigate to [http://wwwfile will identify user names and passwords (encrypted).webmaster-toolkit.com/htaccess-generator.shtml .htaccess Generator].*# Method 2#*#* Use the htpasswd command:{{Code|htpasswd -c .htpasswd USERNAME}}

The ==== Create the htpasswd File ====There are two options for creating the <code>htpasswd</code> file should be owned by apache:apache *Option 1: Navigate to [http://www.htaccesstools.com/htpasswd-generator/ htpasswd Generator].<blockquote>*Enter desired Username, Password, and have 600 permissionsPath (physical location where <code>.htpasswd</code> will be stored). For example, so copy it overUsername '''''amahi''''', thenPassword '''''amahi''''', and Path '''''/var/hda/web-apps'''''.*Select the '''Generate .htaccess''' button.*Copy the text from ''"And this is what your .htpasswd file should look like..."'' box and paste it into the <code>.htpasswd</code> file. It should look similar to this: <pre>amahi:amb24e1pXrqFY</pre>*Proceed to the '''Copy and Set File Permissions''' section to complete.</blockquote>*Option 2: [[Open_Terminal_as_root|Open Terminal as rootuser]]<blockquote>*Create the <code>htpasswd</code> file (change username and password):<pre>htpasswd -c -b .htpasswd username password</pre>*Proceed to the '''Copy and Set File Permissions''' section to complete.</blockquote>

{{Code|cp .htpasswd /var/hda==== User Maintenance (Add/Delete) ====*Add additional users, repeat the previous step ('''NOTE:''' the -c option is only needed the first time you create the file for that webapplication): htpasswd -apps/htpasswdchmod 600 b /var/hda/web-apps/htpasswdusername passwordchown apache*Delete a user, do the following:apache htpasswd -D /var/hda/web-apps/htpasswd}}username

= If you have webmin installed === Copy and Set File permissions: ====*Copy the <code>.htpasswd</code> file to the web application directory: cp .htpasswd /var/hda/web-apps/htpasswd* Ensure the permissions are correctly set on the two files as follows: chmod 600 /var/hda/web-apps/htpasswd chown apache:apache /var/hda/web-apps/htpasswd

*After logging into Webmin select “Others” on the left-hand side, click on “Protected Web Directories” and then select “Add protection for a new directory”.*In “Directory path” ''"Directory path"'' browse to/or enter the path to the ‘html’ <code>html</code> web directory you wish to protect, in ''“Authentication realm” '' enter something like for example ''“Authentication required” '' (this will show up on the popup login box) and then click on create.*Now you need to setup users to allow login by clicking on ''“Add a new user”'' in ''“Associated users and groups”'', when users have been created you should be good to go.

Note'''NOTE: ''' After you have completed this process using webmin Webmin you can then select ''"un-protect selected directory" '' and use the HDA-Dashboard to enable/disable password protection.