Linux與雲計算——第二階段Linux服務器架設 第七章:網站WEB服務器架設—認證

Linux與雲計算——第二階段Linux服務器架設

第七章:網站WEB服務器架設—認證

開啓基礎認證

開啓基礎驗證來限制對特定網頁的訪問。

[1] 例如,我們想針對目錄[/var/www/html/auth-basic]的文件要求認證.

[root@client ~]# vim /etc/httpd/conf.d/auth_basic.conf

<Directory /var/www/html/auth-basic>

    AuthType Basic

    AuthName "Basic Authentication"

    AuthUserFile /etc/httpd/conf/.htpasswd

    require valid-user

</Directory>

# 添加一個用戶

[root@client ~]# htpasswd -c /etc/httpd/conf/.htpasswd jeffrey

New password: # set password

Re-type new password: # confirm

Adding password for user jeffrey

[root@client ~]# systemctl restart httpd

[root@client ~]# mkdir /var/www/html/auth-basic

[root@client ~]# vi /var/www/html/auth-basic/index.html

<html>

<body>

<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">

Test Page for Basic Auth

</div>

</body>

</html>

[2] 使用瀏覽器訪問該頁面,要求輸入用戶名和密碼.

Auth+PAM

使用系統用戶OS和SSL連接限制網頁訪問

[1] 參考之前配置生成證書。

[2] 通過以下站點下載最新的mod-auth-externalpwauth from

   https://code.google.com/p/mod-auth-external/

   https://code.google.com/p/pwauth/

我們想針對目錄[/var/www/html/auth-pam] 下的頁面進行驗證.

[root@client ~]# yum -y install httpd-devel pam-devel gcc make mod_authnz_external pwauth

[root@client ~]# vi /etc/pam.d/pwauth

# create new

#%PAM-1.0

auth        include       system-auth

account     include       system-auth

session     include       system-auth

 [root@client ~]# vi /etc/httpd/conf.d/auth_pam.conf

# create new

LoadModule authnz_external_module modules/mod_authnz_external.so

AddExternalAuth pwauth /usr/local/libexec/pwauth

SetExternalAuthMethod pwauth pipe

 

<Directory /var/www/html/auth-pam>

    SSLRequireSSL

    AuthType Basic

    AuthName "PAM Authentication"

    AuthBasicProvider external

    AuthExternal pwauth

    require valid-user

</Directory>

# 創建一個測試頁面

[root@client ~]# mkdir /var/www/html/auth-pam

[root@client ~]# vi /var/www/html/auth-pam/index.html

 <html>

<body>

<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">

Test Page for PAM Auth

</div>

</body>

</html>

[root@client ~]# systemctl restart httpd


發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章