|
Password protecting WWW pages
Password protection for WWW pages is a standard extension available
on this WWW server.
Say, for example, you'd like to protect a subtree from your
www pages from unauthorised access. If this subtree is under the
~yourloginname/www/protect directory, then this is what you could
do:
- Create a file named ~yourloginname/www/protect/.htaccess
with the following content:
authuserfile /u/yourloginname/www/protect/.passwords
authname The supercalifragilistic protected pages
authtype basic
<limit get post put>
require valid-user
</limit>
This file tells the WWW server that all get, post and put operations
in this subtree should not be allowed to anyone other than people
present and identified through the password file specified above.
The value specified after authname must be something which
uniquely identifies your (protected) website.
- Create a file named ~yourloginname/www/protect/.passwords
with the following content:
stephen:WTjaZHUzELy8Y
geronimo:AUxL5zn3qe/HY
This file contains username:password pairs. The password is in a special
one-way encrypted format. To generate this encrypted format, use the
password encryptor.
Giving it a try
The password for the stephen account in the example above is
secret; the password for geronimo is hello.
Try accessing the protected page without
giving it a correct username and password; then try it with a valid pair.
|