[KLUG Members] Have any of you successfully implemented .htaccess/.htpasswd functionality on your or your ISP servers?

rels members@kalamazoolinux.org
Tue, 19 Nov 2002 13:16:26 -0500

Previous message: [KLUG Members] Using USB printer in Linux ( RH8 , Mandrake 9)
Next message: [KLUG Members] Have any of you successfully implemented .htaccess/.htpasswd functionality on your or your ISP servers?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Well ... I haven't ... and request your help.

>From what I understand, .htaccess and .htpasswd are two ASCII files
with no 'file'
names ... the .htaccess and .htpasswd actually represent the file
extensions.  .htaccess is an ASCII text "entity" that contains various
directives that will be interpreted by an Apache Server, while
.htpasswd is is simply an ASCII text "entity" that contains the
typical
username and encrypted password combo, i.e., rob:xYZ123qUS or sometime
similar.

Depending on what one wants to do, these files will be located in
various directories.  For instance, if you wish to protect a certain
directory that contains some .pdf documents that you only want certain
people to view, you can protect this directory using this approach.
What will happen when the directory is accessed is a prompt will pop
up requesting username and password. If all goes well, the user will
be allowed to access the directory and view the .pdf documents.

Here is the contents of .htaccess that the Apache Server will read and
execute according to the its contents:

"AuthUserFile /www/htdocs/domains/xyz.com/webdocs/.htpasswd
AuthGroupFile /dev/null
AuthName "PD Documents"
AuthType Basic

require user rob"

.htaccess is stored in a directory xyz.com/webdocs/private.

.htpasswd is stored up one level in xyz.com/webdocs and contains
something like this ...

rob:XYZ123abc

The operational concept is the Apache Server reads the .htaccess
ASCII file, locates the .htpasswd ASCII file along with causing a
pop-up prompt (which will read something like "Please enter username
and password to gain access to PD Documents at xyz.com) to be
displayed.  The user enters his/her username and password.  If all
goes right, he/she gains access.  If not, then the user will get the
Authorization Request message (401 I believe) as his/her credentials
(username and password)  have not been authenticated as having the
bonafides to access this particular directory.

I'm getting the prompt, but I'm not passing mustard here when it comes
to linking up to the .htpasswd ASCII file.  I've got something wrong.
Either the full pathname to the .htpasswd entity (although I checked
with ISP and used what they gave me ;>)) is incorrect, or perhaps an
Apache directive is missing.

I'm trying to implement this on an ISP's machine and while they offer
this functionality, the folks there don't seem to be really
knowledgeable of the
ins and outs and only provide the minimum of technical support when it
comes to the specifics of Apache.  Primarily they point you to
apache,org,  I knew nothing really of Apache until the other day ...
am learning more ... as I dig ... myself further into a hole!  LOL!
Obviously there is something missing here ... or should I really say
"I'm missing something here."

I've looked at a number of .htaccess tutorials, the apache org web
site and a few newsgroups ... what's sort of comical is ... I am not
alone!  But the sad thing is ... those on the newsgroups don't seem to
have any real constructive suggestions ... it's more like "trial and
error" ... which, of course, is a learning process in and of itself.

Well, food for thought and something to play with on your server ...
;>)) ... in your spare time.  Yeah ... sure ... right!

Any and all suggestions, comments and questions welcomed.

Take care.

Rob E.

Previous message: [KLUG Members] Using USB printer in Linux ( RH8 , Mandrake 9)
Next message: [KLUG Members] Have any of you successfully implemented .htaccess/.htpasswd functionality on your or your ISP servers?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]