basic用户验证机制


basic用户验证机制

1,修改配置文件  
    vim /etc/httpd/conf.d/test.conf
        6 <directory /var/www/html/admin/>
        7 authtype basic
        8 AuthName "admin Page"
        9 AuthUserFile "/etc/httpd/conf.d/.httpuser"
        10 Require user tom alice
        11 </directory>

2,创建用户账户
    命令 : htpasswd
            -c  自动创建文件,仅应该在文件不存在时使用 
            -p  明文密码 
            -d  CRYPT格式加密,默认 
            -m  md5格式加密 
            -s  sha格式加密 
            -D  删除用户
    htpasswd -c /etc/httpd/conf.d/.httpuser  tom
    htpasswd  /etc/httpd/conf.d/.httpuser  alice
    htpasswd  /etc/httpd/conf.d/.httpuser  jack
    注释:创建第一个账号之后不用加‘c’选项,

3,保证安全性对文件.httpuser进行权限修改
    chmod 600 /etc/httpd/conf.d/.httpuser
    setfacl -m u:apache:r /etc/httpd/conf.d/.httpuser

basic对组验证机制

1,创建用户组文件
    vim /etc/httpd/conf.d/.httpgroup 
        g1: tom jack
        g2: tom alice

2,用户组文件
    vim  /var/www/html/admin/.htaccess 
        authtype basic
        AuthName "admin Page"
        AuthUserFile "/etc/httpd/conf.d/.httpuser"
        AuthGroupFile "/etc/httpd/conf.d/.httpgroup"
        Require group g1 g2

实现家目录web共享,并进行basic验证

1,修改用户配置文件
    vim /etc/httpd/conf.d/userdir.conf
        <IfModule mod_userdir.c>
            #UserDir disabled
            UserDir public
        </IfModule>

        #
        # Control access to UserDir directories.  The following is an example
        # for a site where these directories are restricted to read-only.
        #
        #<Directory "/home/*/public_html">
        #    AllowOverride FileInfo AuthConfig Limit Indexes
        #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        #    Require method GET POST OPTIONS
        #</Directory>
        <directory /home/wang/public>
        allowoverride authconfig                       </directory>

2,
    vim /home/wang/public/.htaccess 
        authtype basic
        AuthName "admin Page"
        AuthUserFile "/etc/httpd/conf.d/.httpuser"
        AuthGroupFile "/etc/httpd/conf.d/.httpgroup"   Require group g1 g2

3,创建家目录文件并更改权限
    mkdir ~wang/public
    setfacl -m u:apache:x ~wang/

4,测试
    http://localhost/~wang/index.html

实现状态页面显示

修改配置文件
    vim /etc/httpd/conf.d/test.conf
        <Location "/status">
        <requireany>
        require all denied
        require ip 192.168.36.1
        </requireany>
        SetHandler server-status
        </Location>
        ExtendedStatus On

共勉!