Apache Basic Authentication: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
==Install==
<source lang="bash">
<source lang="bash">
apt -y install mariadb-server mariadb-client
apt -y install mariadb-server mariadb-client
Line 19: Line 20:
systemctl restart apache2
systemctl restart apache2
update-rc.d apache2enable
update-rc.d apache2enable
</source>
==Config==
<source lang="apache">
# mod_dbd configuration
DBDriver mysql
DBDParams "dbname=apache_auth user=apache pass=password"
DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300
<Directory "/usr/www/dev.chorke.org/soft/">
  AuthType Basic
  AuthName Team
  AuthBasicProvider dbd
  # mod_authn_dbd SQL
  AuthDBDUserPWQuery \
    "SELECT password FROM authn WHERE user = %s AND login = 'true'"
  # mod_authz_core configuration
  Require dbd-group team
  # mod_authz_dbd configuration
  AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
  # when a user fails to be authenticated or authorized,
  # invite them to login; this page should provide a link
  # to /team-private/login.html
  ErrorDocument 401 "/login-info.html"
  <Files "login.html">
    AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
    Require dbd-login
    AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
    AuthzDBDLoginToReferer On
  </Files>
  <Files "logout.html">
    Require dbd-logout
    AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
  </Files>
</Directory>
</source>
</source>


Revision as of 01:59, 29 January 2020

Install

apt -y install mariadb-server mariadb-client
apt install libaprutil1-dbd-mysql

a2enmod dbd
a2enmod authn_dbd
a2enmod authz_dbd
authn_socache

systemctl restart mysql
update-rc.d mysql enable

systemctl restart apache2
update-rc.d apache2enable

Config

# mod_dbd configuration
DBDriver mysql
DBDParams "dbname=apache_auth user=apache pass=password"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory "/usr/www/dev.chorke.org/soft/">
  AuthType Basic
  AuthName Team
  AuthBasicProvider dbd

  # mod_authn_dbd SQL
  AuthDBDUserPWQuery \
    "SELECT password FROM authn WHERE user = %s AND login = 'true'"

  # mod_authz_core configuration
  Require dbd-group team

  # mod_authz_dbd configuration
  AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"

  # when a user fails to be authenticated or authorized,
  # invite them to login; this page should provide a link
  # to /team-private/login.html
  ErrorDocument 401 "/login-info.html"

  <Files "login.html">
    AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"

    Require dbd-login
    AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
    AuthzDBDLoginToReferer On
  </Files>

  <Files "logout.html">
    Require dbd-logout
    AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
  </Files>
</Directory>

References

Retrieved from "https://cdn.chorke.org/weke/index.php?title=Apache_Basic_Authentication&oldid=2403"