backgroundcolor = red#faa|

<div style="border: 1px solid #A3B1BF; padding: .8em 1em; background-color: #E6F2FF; margin: 0px 1em;">'''NOTE:''' The one-click [https://www.amahi.org/apps/web-apps Web Apps] will provide this capability in Amahi 7 or greater.</div>  Would you like to control which HDA users can access certain web applications? While This can be easily done in Amahi 6. To use this function does not currently exist , select the web apps section in Amahithe apps tab. Expand the desired app and select the '''Require login''' check box. If selected, this settings makes it can be done quite easily by following such that the application will ask for a user name and a password. The perform the steps outlined belowto create the <code>htpasswd</code> file.   '''NOTE:''' When This is a user accesses global setting at the specific web applicationmoment, they will be prompted for a user name i.e. the users and passwordare all the same to all the apps that have '''Require login''' selected. This feature <u>IS NOT</u> compatible with [[Secure_App_Access|Access Web Apps over SSL]].

*This requires creation of two files (<code>.htaccessthe </code> and <code>.htpasswd</code>) be placed in the directory of each web application you want to protect.*The <code>.htpasswd</code> file will identify user names/passwords (encrypted) and the <code>.htaccess</code> file will contain the code needed to use that file to protect the web application.#First you need to identify the web application you want to protect and it's physical location (<code>''''/var/hda/web-app/appname</code>) on your server. For example, the path for apps'''Linfo''' would be directory. The <code>/var/hda/web-app/linfohtpasswd</code>.#Next, you need to decide on the file will identify user names/and passwords who will have access(encrypted). This has to be the HDA users credentials that are used to log into the HDA Dashboard.   ==== Create the Files htpasswd File ====There are two options for creating the <code>.htpasswd</code> and <code>.htaccess</code> filesfile:*Option 1: Navigate to [http://www.webmaster-toolkithtaccesstools.com/htaccesshtpasswd-generator.shtml .htaccess / htpasswd Generator].

*Enter desired Username, Password, and Path (physical location where <code>.htpasswd</code> will be stored). For example, Username '''''amahi''''', Password '''''amahi''''', and Path '''''/var/hda/web-apps/linfo'''''.

*Create <code>.htacess</code> file in the web application html directory (i.e. /var/hda/web-apps/linfo/html). Copy the text in ''"This is what your .htaccess file should look like..."'' box and paste it into the <code>.htacess</code> file (i.e. /var/hda/web-apps/linfo/html). It should look similar to this: {{Text|AuthUserFile /var/hda/web-apps/linfo/.htpasswdAuthGroupFile /dev/nullAuthName "Password Protected Area"AuthType Basic<limit GET POST>require valid-user</limit>}}*Next create <code>.htpasswd</code> file in then web application directory (i.e. /var/hda/web-apps/linfo). Copy the text from ''"And this is what your .htpasswd file should look like..."'' box and paste it into the <code>.htpasswd</code> file (i.e. /var/hda/web-apps/linfo). It should look similar to this: {{Text|<pre>amahi:amb24e1pXrqFY}}</pre>*Proceed to the '''Copy and Set the File Permissions''' section to complete.

*Option 2: [[Open_Terminal_as_root|Open Terminal as root user]]

*Perform Create the following steps [[Open_Terminal_as_root|as root user]] <code>htpasswd</code> file (change username, and password, and appname as appropriate):{{Code|<pre>htpasswd -c -b /var/hda/web-apps/appname/.htpasswd username password}}</pre>*Proceed to the '''Copy and Set File Permissions''' section to complete.</blockquote> ==== User Maintenance (Add/Delete) ====

{{Code| htpasswd -b /var/hda/web-apps/appname/.htpasswd username password}}

{{Code|htpasswd -D /var/hda/web-apps/appname/.htpasswd username}} ==== Copy and Set File permissions: ====*Create Copy the <code>.htaccesshtpasswd</code> file in to the web application directory: cp .htpasswd /var/hda/web-apps/appname/html directory (change '''appname''' in ''AuthName'' and ''AuthUserFile'' lines; i.e. '''Linfo''' and '''linfo''' respectively)htpasswd* Ensure the permissions are correctly set on the two files as follows:{{Text|AuthName "appname Access" chmod 600 /var/hda/web-apps/htpasswdAuthType BasicAuthUserFile chown apache:apache /var/hda/web-apps/appname/htpasswdrequire valid-user}}</blockquote>==== If you have Webmin installed ====

==== Set File permissions: ====*After logging into Webmin select “Others” on the left-hand side, click on “Protected Web Directories” and then select “Add protection for a new directory”.* Ensure In ''"Directory path"'' browse to/or enter the permissions are correctly set on path to the two files as follows (change <code>html</code> web directory you wish to protect, in ''“Authentication realm”''enter something like for example 'appname'“Authentication required”'' as appropriate(this will show up on the popup login box):{{Code|chmod 600 /var/hda/web-apps/appname/and then click on create.htpasswdchmod 600 /var/hda/web-apps/appname/html/.htaccesschown apache:apache /var/hda/web-apps/appname/.htpasswdchown apache:*Now you need to setup users to allow login by clicking on ''“Add a new user”'' in ''“Associated users and groups”'', when users /var/hda/web-apps/appname/html/have been created you should be good to go.htaccess}}

==== Future Considerations ====* Add a share to hold all .htpasswd files. '''NOTE:''' Rename .htpasswd to .appname in order to keep them separate.* Create a web application After you have completed this process using Webmin you can then select ''"un-protect selected directory"'' and use the HDA-Dashboard to createenable/manage .htpasswd files.* Integrate with Amahi Dashboard to do all this via GUIdisable password protection.