User Authentication

BACK

This page will cover setting up user authentication (i.e. password protecting parts of you site) with Apache 1.3.20 by using .htaccess files. If you upgraded by using my Apache 1.3.20 Upgrade HowTo and installed it into the same locations, then everything (files, binaries, etc) should be in the same places listed here. If not then you should be able to find them with little difficulty.

The first thing to do will be to create your user file using htpasswd. The htpasswd utility, is located in /usr/local/httpd/bin.
```
   suse:/ # htpasswd -c /usr/local/httpd/htdocs/webusers user1
```
You will be prompted for the password for user1, the -c creates the file if it doesn't exist. This creates a file with the user name and encrypted password separated by a semicolon. Subsequent users can be added with the following commands.
```
   suse:/ # htpasswd /usr/local/httpd/htdocs/webusers user2
   suse:/ # htpasswd /usr/local/httpd/htdocs/webusers user3
   suse:/ # htpasswd /usr/local/httpd/htdocs/webusers User4
```

Then create the group file called webgroup, it can be in the same location as webusers.

   # Start webgroup File

   group1: user1 user2 user3 User4
   
   # End webgroup File

Next create the .htaccess file in the directory you want to protect.

   AuthUserFile /usr/local/httpd/htdocs/webusers
   AuthGroupFile /usr/local/httpd/htdocs/webgroup
   AuthName "Realm Name"
   AuthType Basic
   Require group group1

Next edit your httpd.conf file to allow authentication. Make sure the AccessFileName is uncommented and lists .htaccess after it.
```
   AccessFileName .htaccess
```
In the <Directory "/usr/local/httpd/htdocs"> section, ensure that AllowOverride is also uncommented and lists AuthConfig after it.
```
   <Directory "/usr/local/httpd/htdocs">
   AllowOverride AuthConfig
```
If you edit the httpd.conf file you will have to restart Apache before any changes will be noticed.
```
   suse:/etc/rc.d # ./apache restart
```

BACK