Linux與雲計算——第二階段Linux服務器架設
第七章:網站WEB服務器架設—認證
開啓基礎認證
開啓基礎驗證來限制對特定網頁的訪問。
[1] 例如,我們想針對目錄[/var/www/html/auth-basic]下的文件要求認證.
[root@client ~]# vim /etc/httpd/conf.d/auth_basic.conf
<Directory /var/www/html/auth-basic>
AuthType Basic
AuthName "Basic Authentication"
AuthUserFile /etc/httpd/conf/.htpasswd
require valid-user
</Directory>
# 添加一個用戶
[root@client ~]# htpasswd -c /etc/httpd/conf/.htpasswd jeffrey
New password: # set password
Re-type new password: # confirm
Adding password for user jeffrey
[root@client ~]# systemctl restart httpd
[root@client ~]# mkdir /var/www/html/auth-basic
[root@client ~]# vi /var/www/html/auth-basic/index.html
<html>
<body>
<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">
Test Page for Basic Auth
</div>
</body>
</html>
[2] 使用瀏覽器訪問該頁面,要求輸入用戶名和密碼.
Auth+PAM
使用系統用戶OS和SSL連接限制網頁訪問
[1] 參考之前配置生成證書。
[2] 通過以下站點下載最新的mod-auth-external和pwauth from。
https://code.google.com/p/mod-auth-external/
https://code.google.com/p/pwauth/
我們想針對目錄[/var/www/html/auth-pam] 下的頁面進行驗證.
[root@client ~]# yum -y install httpd-devel pam-devel gcc make mod_authnz_external pwauth
[root@client ~]# vi /etc/pam.d/pwauth
# create new
#%PAM-1.0
auth include system-auth
account include system-auth
session include system-auth
[root@client ~]# vi /etc/httpd/conf.d/auth_pam.conf
# create new
LoadModule authnz_external_module modules/mod_authnz_external.so
AddExternalAuth pwauth /usr/local/libexec/pwauth
SetExternalAuthMethod pwauth pipe
<Directory /var/www/html/auth-pam>
SSLRequireSSL
AuthType Basic
AuthName "PAM Authentication"
AuthBasicProvider external
AuthExternal pwauth
require valid-user
</Directory>
# 創建一個測試頁面
[root@client ~]# mkdir /var/www/html/auth-pam
[root@client ~]# vi /var/www/html/auth-pam/index.html
<html>
<body>
<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">
Test Page for PAM Auth
</div>
</body>
</html>
[root@client ~]# systemctl restart httpd