Second Summer 2009

Password protected folders. Database design (I).
I include only the password protected related notes. The rest will be posted a bit later. Here we go:

  1. Create 
       mkdir ~/apache/htdocs/protected 
    



  2.  Go to 


       ~/apache
    

and create a password file:


       pico passwd 
     


  3.   Make the contents of this file be just one line: 


       dgerman:UIaTPpE.ZpwHw    
    

Then exit, saving the contents. 
     


  4.  Open with 
    pico ~/apache/conf/httpd.conf
     and go to line 125 (^W, ^T, 125 ) then add these :


    <Directory /u/[username]/apache/htdocs/protected>
  AuthName Protected
  AuthType Basic
  AuthUserFile /u/[username]/apache/passwd
  <Limit GET POST>
    require user [instructor]
    require user lbird
  </Limit>
</Directory>
     

but of course make the changes you need to make: 


    <Directory /u/dgerman/apache/htdocs/protected>
  AuthName Protected
  AuthType Basic
  AuthUserFile /u/dgerman/apache/passwd   
  <Limit GET POST>
    require user dgerman     
    require user lbird
    require user ktaber
  </Limit>
</Directory>
    


  5.  Create passwords for the non-instructor users: 


    -bash-3.2$ pwd
/u/dgerman/apache

-bash-3.2$ ls -ld passwd
-rw-r--r-- 1 dgerman faculty 22 Feb  5 11:37 passwd

-bash-3.2$ cat passwd
dgerman:UIaTPpE.ZpwHw

-bash-3.2$ bin/htpasswd 
Usage:
        htpasswd [-cmdpsD] passwordfile username
        htpasswd -b[cmdpsD] passwordfile username password

        htpasswd -n[mdps] username
        htpasswd -nb[mdps] username password
 -c  Create a new file.
 -n  Don't update file; display results on stdout.
 -m  Force MD5 encryption of the password.
 -d  Force CRYPT encryption of the password (default).
 -p  Do not encrypt the password (plaintext).
 -s  Force SHA encryption of the password.
 -b  Use the password from the command line rather than prompting for it.
 -D  Delete the specified user.
On Windows, NetWare and TPF systems the '-m' flag is used by default.
On all other systems, the '-p' flag will probably not work.

-bash-3.2$ bin/htpasswd passwd lbird
New password: 
Re-type new password: 
Adding password for user lbird

-bash-3.2$ cat passwd
dgerman:UIaTPpE.ZpwHw
lbird:JIYveYLlORlD.

-bash-3.2$ bin/htpasswd -b passwd ktaber stepup 
Adding password for user ktaber

-bash-3.2$ cat passwd
dgerman:UIaTPpE.ZpwHw
lbird:JIYveYLlORlD.
ktaber:TMdu47VlmfNUY

-bash-3.2$ 
     


  6.  Restart your server: 


      ~/apache/bin/apachectl restart
    


  7.  Then connect to your folder to check password protection: 


      http://silo.cs.indiana.edu:46xxx/protected
    


  8.  Post something. I decided to post: 


      ~/apache/cgi-bin/0202/one
    

To get the program running you access the following URL: 


      http://silo.cs.indiana.edu:46016/cgi-bin/0202/one
    

To see the source code you need a different link. 
     

Create a symbolic link to the code (in protected): 
     


    -bash-3.2$ pwd
/u/dgerman/apache/htdocs/protected

-bash-3.2$ ls -l
total 0

-bash-3.2$ ln -s ../../cgi-bin/0202/one one.txt

-bash-3.2$ ls -l
total 4
lrwxrwxrwx 1 dgerman faculty 22 Feb  5 12:06 one.txt -> ../../cgi-bin/0202/one

-bash-3.2$ 
    

The link to the source code now is


      http://silo.cs.indiana.edu:46016/protected/one.txt 
    

--