Apache Access Control Lab
Create 3 directories under your public_html directory:
sales, marketing and engineering
We want to allow salespeople to have access to the /sales documents, engineers
to have access to engineering info, and everyone in the company will have
access to marketing. Our company's domain will be .merrimack.edu
Now change back to your home directory:
cd ~
Now lets create a password file for our users. In your home directory create
a passwd file:
htpasswd -c passwd.txt homer
This adds user larry to the passwd.txt file and creates a password.
Now add bart and lisa and marge to the file. You don't need to
use the "-c" option once the password file is created:
htpasswd passwd.txt lisa
The password file contains a list of users and their encrypted passwords.
The users in this file can be given specific access to derectories you
chose. You can have as many different password files as you want,
but it's generally a good idea to only have one. These user names
can then be added to groups. Groups allow you to easily allow or
deny access based on members of a group.
Now create a group file called groups.txt in your home
directory it should contain some lines simillar to:
sales: homer
marketing: bart lisa
engineering: marge
Make sure the password and group files are readable by issuing a chmod
command on each of them:
chmod 644 passwd.txt
chmod 644 groups.txt
Now let's restrict access to the sales directory by creating a .htaccess
file in the sales directory.
The .htaccess file should contain lines simillar to the following:
AuthType Basic
AuthName "Sales Info"
AuthUserFile /export/home/ericl/passwd.txt
AuthGroupFile /export/home/ericl/groups.txt
require group sales
To restrict access to the other two directories you'll need to create
simillar .htaccess files.
If you get stuck, read about the directives in the apache documentation
(require, allow, deny might be useful)