 |
Note:
The encryption algorithm used for the password is not as
secure as some encryption algorithms. We are working on
providing a more secure way for you to password-protect web
pages.
To password protect a web page, it must be located in a
password- protected directory. To create a password-protected
directory, use the following steps:
- Change into your pub directory:
cd ~/../pub
-
Create a directory in which to store the password
file:
mkdir passwords
-
Make the passwords directory so that nobody can read it:
fs setacl passwords system:anyuser none system:httpd read
-
Create the password file with the username and password
you'd like people to use to access your password-protected
web page. You can establish more than one username and
password in this step; just repeat the command for each
username.
dbmanage ./passwords/password_file adduser
username
(Replace username with the username you'd like
people to type to access the page.)
-
You'll be asked for a password. Type the password, press
return, and then type the password again. This will be the
password used to access the web page.
-
Create a directory for your password protected web
page.
mkdir private
(You can use whatever directory name you like; we have
used the name private)
-
Change the AFS permissions on the directory that you
created with the commands:
fs sa private/ system:anyuser none system:httpd
read
This will give the web server read permissions and remove
the world read permissions that your pub directory has by
default.
-
Change into the directory you just created.
cd private
-
Create a text file called
.htaccess containing
the following.
pico .htaccess
to begin creating the file):
AuthType Basic
AuthName ByPassword
AuthDBUserFile
/users/yourusername/pub/passwords/password_file
<Limit GET>
require user username
</Limit>
(Replace yourusername with your own WAM login ID.
Replace username with the username you want people
to type to access the page, the same username you chose in
step 3. If you used pico to create the file, save it using
control-O, press return, and then use control-X to exit. If
you created more than one username in step 3, you can allow
multiple users access by putting additional require
user username lines in the .htaccess
file, one for each username.)
That's it! Now, just put the web page you'd like to protect
into the private directory. To access the
page, point your web browser to:
http://www.wam.umd.edu/~yourusername/private/filename.html
(Where filename.html is the name of your
password-protected web page, and yourusername is
your WAM login ID.)
You should see a small window pop up, asking you for the
username and password. Type in the username and password, and
you'll be able to access the web page.
|
