You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by David <am...@starhub.net.sg> on 2003/11/23 18:45:51 UTC

[users@httpd] Password Sets for Each Website 

Hi guys,
 
Currently I know how implement simple authentication with my HTTP
Server.
I uses the .htaccess and the password file to do it. 
Basically I added some lines in the config file like the following 
 
<Directory "C:/Program Files/Apache Group/Apache2/htdocs/ABC">
    
            Options None
            AllowOverride AuthConfig
</Directory>
 
and in the ABC folder I have a .htaccess file as follows
 
AuthUserFile "C:\.htpasswd"
AuthName "Protected"
AuthType Basic
Require valid-user
 
 
 
 
Currently I have some 6 websites on my server which I like to have
password  protection. All these 6 protected websites share the same
"C:\.htpasswd". The folder ABC is just one of the 6 websites. There are
5 other folder in parallel to the ABC folders which are also protected
websites with the similar configuration lines as above. 
All these 6 websites are using the same sets of ID and passwords.
However, what I want is actually only a particular set of IDs can access
a particular website (i.e. one of the 6).
 
What should I do such that I can create websites where only a specific
set of users can access a particular protected website and cannot access
other protected website. 
Currently all users with an ID and password in the "C:\.htpasswd" can
access all my 6 websites (which is not really what I want). 
 
Many thanks for your time and attention.
 
Regards
David

Re: [users@httpd] Password Sets for Each Website

Posted by Lodrö Sangpo Joergen Larsen <ni...@tdcspace.dk>.
I am not sure but how about trying to use groups. have each site be a different group and then require the user to be in a specific group.?

OmManiPemeHung
Many Greetings Viele Gruesse Mange Hilsener
Lodrö Sangpo Joergen Larsen
www.nimmersoft.com www.nimmersoft.dk
Karmapa Chenno
OmManiPemeHung

  ----- Original Message ----- 
  From: David 
  To: HTTP Server Users 
  Sent: Sunday, November 23, 2003 6:45 PM
  Subject: [users@httpd] Password Sets for Each Website 


  Hi guys,

   

  Currently I know how implement simple authentication with my HTTP Server.

  I uses the .htaccess and the password file to do it. 

  Basically I added some lines in the config file like the following 

   

  <Directory "C:/Program Files/Apache Group/Apache2/htdocs/ABC">

      

              Options None

              AllowOverride AuthConfig

  </Directory>

   

  and in the ABC folder I have a .htaccess file as follows

   

  AuthUserFile "C:\.htpasswd"

  AuthName "Protected"

  AuthType Basic

  Require valid-user

   

   

   

   

  Currently I have some 6 websites on my server which I like to have password  protection. All these 6 protected websites share the same "C:\.htpasswd". The folder ABC is just one of the 6 websites. There are 5 other folder in parallel to the ABC folders which are also protected websites with the similar configuration lines as above. 

  All these 6 websites are using the same sets of ID and passwords. However, what I want is actually only a particular set of IDs can access a particular website (i.e. one of the 6).

   

  What should I do such that I can create websites where only a specific set of users can access a particular protected website and cannot access other protected website. 

  Currently all users with an ID and password in the "C:\.htpasswd" can access all my 6 websites (which is not really what I want). 

   

  Many thanks for your time and attention.

   

  Regards

  David

Re: [users@httpd] Password Sets for Each Website

Posted by Daniel Lopez <da...@rawbyte.com>.

> Currently I have some 6 websites on my server which I like to have
> password  protection. All these 6 protected websites share the same
> "C:\.htpasswd". 
[...]
> All these 6 websites are using the same sets of ID and passwords.
> However, what I want is actually only a particular set of IDs can access
> a particular website (i.e. one of the 6).
>  
> What should I do such that I can create websites where only a specific
> set of users can access a particular protected website and cannot access
> other protected website. 

Instead of using 

Require valid-user

use

Require user user1 user2

or organize users in groups and use

Require group group1 group2

More info at 

http://httpd.apache.org/docs/mod/core.html#require


-- 
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Password Sets for Each Website

Posted by bvr <bv...@xs4all.nl>.
Read documentation.

http://httpd.apache.org/docs/mod/core.html#require

Robert Andersson wrote:

> [plain text, please...]
> 
> David wrote:
> 
>>All these 6 protected websites share the same "C:\.htpasswd".
>>[...] All these 6 websites are using the same sets of ID and passwords.
>>However, what I want is actually only a particular set of IDs can
>>access a particular website (i.e. one of the 6).
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Password Sets for Each Website

Posted by Robert Andersson <ro...@profundis.nu>.
[plain text, please...]

David wrote:
> All these 6 protected websites share the same "C:\.htpasswd".
> [...] All these 6 websites are using the same sets of ID and passwords.
> However, what I want is actually only a particular set of IDs can
> access a particular website (i.e. one of the 6).

Why don't you create a password file for each site? That will usually be the
best approach; keep things separate. You could also be specific which user
or group can access which directories.

Regards,
Robert Andersson


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org