setting up ACL in Apache - UNIX for Dummies Questions & Answers

moe2266 · #1 (**permalink**) 10-10-2007

Folks;
How can i setup ACL in Apache so i can give a group of users (defined by their emails (all users under *@red.com) access to a web page?

porter · #2 (**permalink**) 10-10-2007

1. Your previous post said directories, here you are saying web-pages.

2. Is a logon appropriate for these users? That is the traditional way of discriminating/identifing users on websites.

moe2266 · #3 (**permalink**) 10-10-2007

i don't have a logon. but here's more details (Sorry the old one wasn't clear):

- I have a directory on Solaris 8 called "/opt/user/ABC owned by a user who keeps adding some applications like html, etc.. under this directory
- I added Listen port 8082 in Apache httpd.conf
- Now this user can see his web pages under http://myhost:8082/ABC

- I have some other users i need to give them access to this webpage above using Apache access control. These users are defined by their e-mails like every one under (*@red.com)

I hope this is clear enough

porter · #4 (**permalink**) 10-10-2007

What do other people currently get if they go to that same URL?

Does his only work if he browses from the same physical machine? (eg src-ip and desc-ip are the same).

moe2266 · #5 (**permalink**) 10-10-2007

they couldn't see all web pages/links under this web page.
The owner of this webpages can access it from any where on the network not just from the physical machine

All i need is a way to use ACL in apache to give users access using their e-mail addresses

porter · #6 (**permalink**) 10-10-2007

How does he identify himself to the webserver?

porter · #7 (**permalink**) 10-10-2007

Authentication, Authorization, and Access Control

Quote:

How basic authentication works
When a particular resource has been protected using basic authentication, Apache sends a 401 Authentication Required header with the response to the request, in order to notify the client that user credentials must be supplied in order for the resource to be returned as requested.

Upon receiving a 401 response header, the client's browser, if it supports basic authentication, will ask the user to supply a username and password to be sent to the server. If you are using a graphical browser, such as Netscape or Internet Explorer, what you will see is a box which pops up and gives you a place to type in your username and password, to be sent back to the server. If the username is in the approved list, and if the password supplied is correct, the resource will be returned to the client.

Because the HTTP protocol is stateless, each request will be treated in the same way, even though they are from the same client. That is, every resource which is requested from the server will have to supply authentication credentials over again in order to receive the resource.

Quote:

Access control
Authentication by username and password is only part of the story. Frequently you want to let people in based on something other than who they are. Something such as where they are coming from. Restricting access based on something other than the identity of the user is generally referred to as Access Control.

Allow and Deny
The Allow and Deny directives let you allow and deny access based on the host name, or host address, of the machine requesting a document.

Nothing explicitly about email address. I think you will need an explicit logon/password per user.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
Apache and SSL	alfredo	HP-UX	1	05-02-2008 12:11 AM
Apache help	ejbrever	UNIX for Dummies Questions & Answers	2	08-24-2006 06:50 AM
Setting Last-Modified Bit in Apache	robbieg	UNIX for Dummies Questions & Answers	1	12-03-2004 08:43 AM
Apache!	hassan2	UNIX for Advanced & Expert Users	1	08-07-2002 01:27 PM
apache	user666	UNIX for Dummies Questions & Answers	2	03-18-2002 02:20 PM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode