Restricting Users

Next: More detailed access Up: The Access Configuration Previous: The Access Configuration

Restricting Users

The access.conf file can also be used to provide password authorisation to files or directories. Several options are needed for each `` <Directory>'' specification to enable this:

AuthUserFile
AuthGroupFile
AuthName
AuthType

The `` AuthUserFile'' option specifies the password file to be used as a list of known users and their passwords. The password file can be maintained using the htpasswd program available with NCSA HTTPD. The `` AuthGroupFile'' option specifies a file containing groups of users. Each entry in this file is of the form:

webweavers: handley crowcroft
syspeople: jonathan berry ray steve

where `` webweavers'' is a group name, and `` handley'', `` crowcroft'' etc are usernames as specified in the AuthUserFile.

`` AuthName'' specifies a string on text that will be displayed by the client to remind the user which password is required. `` AuthType'' is the authorisation type, but currently it can only be `` Basic''. These are used along with the `` require'' directive as follows:

<Directory /www/htdocs/people/secure>
AuthUserFile /www/Admin/passwd
AuthGroupFile /www/Admin/group
AuthName test27
AuthType Basic
<Limit GET>
require group webweavers
require user jonathan
</Limit>
</Directory>

Jon Crowcroft
Wed May 10 11:46:29 BST 1995