topic Re: Apache Authorization Realms in Operating System - Linux

Apache Authorization Realms

tpfraz — Fri, 01 Aug 2003 21:38:24 GMT

Hello,
I'm trying to configure apache Apache so that each virtual host that I have will have a seperate realm with one authorized user.
It's for allowing an admin of each site to view a statistics page.
So I want only that user to be able to view the stats for their site.

I'm pretty sure I can do this by defining seperate blocks, one for each virtual host, and define in it a seperate realm and give access to only one user.
And of course create those users with htpasswd.
Something like this maybe

AllowOverride AuthConfig

AuthType Basic
AuthName "Stats Page"
AuthUserFile /etc/httpd/users
Require user domain1user

AuthType Basic
AuthName "Stats Page"
AuthUserFile /etc/httpd/users
Require user domain2user

But is there a more concise way to do this?
Is there a way to use the normal Linux user accounts for authorization?

Or some other way which wouldn't require a new Directory block for each site?

Thanks...

-Travis

Re: Apache Authorization Realms

Steven E. Protter — Fri, 01 Aug 2003 22:35:37 GMT

I am pretty experienced with apache and can not think of a way to do this more efficiently.

If you just use linux accounts and permissions, I don't think apache will work right. You'd just get a forbidden 403 error.

Are their efficiency issues here? Is this burning up the cpu?

There is an old rule with apache once you get it to do what you want. If it works, don't try and fix it.

SEP

Re: Apache Authorization Realms

tpfraz — Fri, 01 Aug 2003 22:58:59 GMT

Okay, is what I described pretty much the standard way to do something like this?

There is no resource issues, I was just wondering if there was a more general way that I could do this, more automated.

Thank you...

-Travis

Re: Apache Authorization Realms

Cristian Draghici_1 — Sat, 02 Aug 2003 06:16:14 GMT

To automate the process you could have a backend (database, file, whatever) and a script (bash, perl, awk, python, you name it) that generates the virtual host part.

Say you create a virtualhosts file. You then use the include directive to make it part of the httpd.conf config file.

Now to add a new host you would add it in the backend, rerun the virtualhosts script and restart apache. (or hup it to reload it's config, i don't know if possible).

Next you can write a web interface on top of the backend to make administration easier.
That should be automated enough.

Cheers
Cristi

PS There's someone who sells a commercial Apache configuration interface that does web-based apache configurations. Or you could look into webmin and other administration tools to see if the include virtual hosts configuration.