setting up ACL in Apache


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers setting up ACL in Apache
# 1  
Old 10-10-2007
Computer setting up ACL in Apache

Folks;
How can i setup ACL in Apache so i can give a group of users (defined by their emails (all users under *@red.com) access to a web page?
# 2  
Old 10-10-2007
1. Your previous post said directories, here you are saying web-pages.

2. Is a logon appropriate for these users? That is the traditional way of discriminating/identifing users on websites.
# 3  
Old 10-10-2007
i don't have a logon. but here's more details (Sorry the old one wasn't clear):

- I have a directory on Solaris 8 called "/opt/user/ABC owned by a user who keeps adding some applications like html, etc.. under this directory
- I added Listen port 8082 in Apache httpd.conf
- Now this user can see his web pages under http://myhost:8082/ABC

- I have some other users i need to give them access to this webpage above using Apache access control. These users are defined by their e-mails like every one under (*@red.com)

I hope this is clear enough
# 4  
Old 10-10-2007
What do other people currently get if they go to that same URL?

Does his only work if he browses from the same physical machine? (eg src-ip and desc-ip are the same).
# 5  
Old 10-10-2007
they couldn't see all web pages/links under this web page.
The owner of this webpages can access it from any where on the network not just from the physical machine

All i need is a way to use ACL in apache to give users access using their e-mail addresses
# 6  
Old 10-10-2007
How does he identify himself to the webserver?
# 7  
Old 10-10-2007
Authentication, Authorization, and Access Control

Quote:
How basic authentication works
When a particular resource has been protected using basic authentication, Apache sends a 401 Authentication Required header with the response to the request, in order to notify the client that user credentials must be supplied in order for the resource to be returned as requested.

Upon receiving a 401 response header, the client's browser, if it supports basic authentication, will ask the user to supply a username and password to be sent to the server. If you are using a graphical browser, such as Netscape or Internet Explorer, what you will see is a box which pops up and gives you a place to type in your username and password, to be sent back to the server. If the username is in the approved list, and if the password supplied is correct, the resource will be returned to the client.

Because the HTTP protocol is stateless, each request will be treated in the same way, even though they are from the same client. That is, every resource which is requested from the server will have to supply authentication credentials over again in order to receive the resource.

Quote:
Access control
Authentication by username and password is only part of the story. Frequently you want to let people in based on something other than who they are. Something such as where they are coming from. Restricting access based on something other than the identity of the user is generally referred to as Access Control.

Allow and Deny
The Allow and Deny directives let you allow and deny access based on the host name, or host address, of the machine requesting a document.
Nothing explicitly about email address. I think you will need an explicit logon/password per user.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Help setting ACL's

Folks, Solaris 10 issue When I add a new directory to a path, I only get the "group@" line in the ACL The parent directory ACL is drwxrws---+ 12 root teama 12 Jul 18 10:31 . owner@:rwxp-DaARWc---:------:allow group@:rwxp-DaARWc--s:fd----:allow ... (0 Replies)
Discussion started by: wilberforce
0 Replies

2. Solaris

Is there a difference between setting a user as nologin and setting it as a role?

Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users. In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
Discussion started by: os2mac
1 Replies

3. UNIX for Dummies Questions & Answers

Setting up HTTPS in Apache with Linux

I have recently setup a HTTP server using Apache. This was my first install of Apache, so I am very new to it. What I would now like to do is setup HTTPS for my server. Unfortunately, the official Apache 2.2 manual doesn't cover setting up HTTPS, and using Google search engine I have found... (2 Replies)
Discussion started by: SSL
2 Replies

4. BSD

Setting up Apache/mySQL/PHP in Jail

Server: FreeBSD 7.2-Release Previously I admin a website that uses IP.Board as a forum. It was on a FreeBSD server but there were some issues with some other people on the server so the whole server has been resetup. It is has been set up as a Unix Jail and I was given root access. Apache has... (3 Replies)
Discussion started by: Dark Severance
3 Replies

5. Web Development

First time setting up site on Apache

Hello All, I am relatively new to using Apache, I have recently set it up on Ubuntu. What I'm trying to do is make "/home/yves/MyFirstPHP/MyFirstPHP/HelloWorld.php" accessible through my browser using the URL: The UNIX and Linux Forums - Learn UNIX and Linux from Experts. The tutorials I have... (1 Reply)
Discussion started by: DarkMatter2009
1 Replies

6. Web Development

Problem setting up apache

Hello there, I installed Ajaxterm on my Ubuntu 9.04 machine, and it's running ok if I use : http://localhost:8022/ in my browser. The problem is that I wanted to be able to acces it from somewere else through the internet. I read some instruction and help sites related to this problem, like :... (2 Replies)
Discussion started by: spiriad
2 Replies

7. AIX

setting acl

Hi, I want to know how to set acl in aix via smitty and shell prompt, wheather we needs to install additional packages. (0 Replies)
Discussion started by: manoj.solaris
0 Replies

8. Linux

setting acl on linux

Hi, while setting access control list I am getting error "Operation NOt Supported" Example :user A wants full access on test directory /home/user B/test, I dont want to add in secondary group bcz group has read permission, (1 Reply)
Discussion started by: manoj.solaris
1 Replies

9. UNIX for Dummies Questions & Answers

Setting Last-Modified Bit in Apache

Hi, I have a co-worker that uses javascript code to generate the last-modified date on a file. The problem is our server does not properly send this date so javascript can display it. I know that it is better to use server-side scripting to generate this but she has already put it on multiple... (1 Reply)
Discussion started by: robbieg
1 Replies

10. Cybersecurity

setting ACL's

Hi all, How can I set default owning user and default owning group with setfacl on Solaris 2.6 and up ? My idea is, that when a file is created by user x, and the default owning user is y, the ownership is set to y. This option is visible in the filemanager, though not editable. I can't find... (5 Replies)
Discussion started by: andy_kann
5 Replies
Login or Register to Ask a Question