apache htpasswd

Justin Bennett Justin.Bennett at dynabrade.com
Wed Aug 3 10:28:44 EDT 2005


yeah but I need the username, for certain parts of the page. It's used 
by the scripting side to query the database for certain things. It's a 
php site, I can code in some access controls.

Thanks

Justin

Justin Bennett
Network Administrator
Dynabrade, Inc.
8989 Sheridan Dr.
Clarence, NY 14031
 



On 8/3/2005 10:18 AM, David Purucker wrote:

>> I have a world accessible site like an intranet site with some 
>> company information on it. I have an htpassword scheme to control 
>> user access. For the most part it's not a problem, however we have 
>> certain groups within the company that use this system that have a
>> generic username/password. I would like to restrict these users to 
>> only be able to access the site from inside the building.
>
>
>> so If user = generic user and network = 192.168.x.0/255.255.255.0
>> then let them in other users login from any address
>> Maybe this is possible with two password files?
>
>
> Have you considered group authentication, with the Satisfy directive?
>
> An example from the apache 1.3.x docs:
>
> A very good example of this is using access control to assure that, 
> although a resource is password protected from outside your network, 
> all hosts inside the network will be given free access to the 
> resource. This would be accomplished by using the Satisfy directive, 
> as shown below.
>
> <Directory /usr/local/apache/htdocs/sekrit>
>  AuthType Basic
>  AuthName intranet
>  AuthUserFile /www/passwd/users
>  AuthGroupFile /www/passwd/groups
>  Require group customers
>  Order allow,deny
>  Allow from internal.com
>  Satisfy any
> </Directory>
>
> In this scenario, users will be let in if they either have a password, 
> or if they are in the internal network.
>
> -------------------------------------------------
>
> Giving this example a little tweak should get you where you need to go.
> Hope that helps...
>
> Dave
>
>



More information about the nflug mailing list