Authentication in apache

8/8/2019 Authentication in apache

1/14

TOPIC

AUTHENTICATION IN APACHE

Submitted to Submitted by

Ms. Jasleen Prabjot

3010060036

Roll no 25


2/14

Apache Authenticationy Authentication is any process by which you verify that

someone is who they claim they are. This usually

involves a username and a password, but can includeany other method of demonstrating identity, such as asmart card, retina scan, voice recognition, orfingerprints.

y

For Example:- Authentication is equivalent toshowing your drivers license at the ticket counter atthe airport.


3/14

A sample authentication window

www.myserver.com


4/14

Setting up apache authentication

y Make sure that for the entry that you areusing, the AllowOverride AuthConfig

y directive is on.y Secondly you must create a password file for the zone

that you are protecting.


5/14

Authenticationy Apache provides several different methods of authentication

y File based authenticationy

Mod_Auth Authenticates users by looking up user namesand passwords in a file created by the HTPASSWD utilityy Mod_Auth_Digest Similar to Mod_Auth except it only

accepts digest encrypted credentials

y Database based authenticationy Mod_AuthDBM Authenticates users by looking up user

names and passwords in a database managed by theDBMMANAGE utility

y


6/14

Different Authentication controls

1. Basic

2. Digest3. NTLM

4. Alternate Authentication


7/14

Apache

User Authentication DirectivesDirective Description

AuthName Specifies descriptive text for user authentication that appears on the

users browser when the request is made to log on. Example:

AuthName Internal Product InformationAuthType Specifies the authentication type. Digest not supported so use

Basic. Example: AuthType Basic

AuthUserFile Specifies the complete path to the user authentication file.Example: AuthUserFile /var/www/users

AuthGroupFile Specifies the complete path to the text file that associates users withgroups.

require Defines which users in the user authentication file are allowed access

to the directory. Examples:require user fpessoa lcamoes

require group developers designers

require valid-user


8/14

AuthTypeSyntax:-

AuthType type

directory, .htaccess AuthType specifies the type of authorization control.

Basic was originally the only possible type, but Apache1.1 introduced Digest, which uses an MD5 digest and a

shared secret


9/14


10/14


11/14

AuthAuthoritativeSyntax:-

AuthAuthoritative on off

Default: AuthAuthoritative ondirectory, .htaccess

It setting the AuthAuthoritative directive explicitlyallows for both authentication or authorization to be

pass on lower level modules.


12/14

Anonymous vs. Authenticated

Modesy Uses public rights vs. logging in with a special user ID

and passwordy

Anonymous mode requires public access rights to Directory attributes Home Directory User home directory information

Host Server Physical server name

Host Resource Name Physical volume name

y Authenticated mode requires a special user object with

browse rights to USERand VOLUME objects


13/14

Authenticated Mode Pros vs.

Cons

13

Does not require administrator

intervention to allow home directory

access

Allows binding directly to LDAP or a

remote file system rather than depending

on public rights

Allows the Apache server to acquire

home directory information from any

LDAP server

All access to home directories or remote

file systems can be controlled through a

single Apache user object

Pros Cons

Requires a special

Apache user object

in eDirectory

Requires that a user

name and password

be stored in a

configuration file


14/14

Date post:	09-Apr-2018
Category:	Documents
Upload:	prablpu
View:	220 times
Download:	0 times

Authentication in apache

Documents