Linux与云计算——第二阶段Linux服务器架设

第七章:网站WEB服务器架设—认证

开启基础认证

开启基础认证(Basic Authentication),以限制对特定网页的访问。

[1] 例如,我们想针对目录[/var/www/html/auth-basic]的文件要求认证.

[root@client ~]# vim /etc/httpd/conf.d/auth_basic.conf

# Require HTTP Basic authentication for everything under /var/www/html/auth-basic.
# NOTE(review): Basic auth sends the username and password base64-encoded, not
# encrypted, on every request. This block has no SSLRequireSSL, so unless the
# directory is only reachable over TLS the credentials cross the network in
# clear text - confirm how this vhost is served.
<Directory /var/www/html/auth-basic>

    AuthType Basic

    # Realm string presented to the client in the login prompt.
    AuthName "Basic Authentication"

    # Password file maintained with htpasswd; the path is outside /var/www/html,
    # so it is not under the directory tree this block publishes.
    AuthUserFile /etc/httpd/conf/.htpasswd

    # Any user present in AuthUserFile who supplies the right password is admitted.
    require valid-user

</Directory>

# 添加一个用户(-c 会新建密码文件,文件已存在时会被覆盖;之后再添加用户时应去掉 -c)

[root@client ~]# htpasswd -c /etc/httpd/conf/.htpasswd jeffrey

New password: # set password

Re-type new password: # confirm

Adding password for user jeffrey

[root@client ~]# systemctl restart httpd

[root@client ~]# mkdir /var/www/html/auth-basic

[root@client ~]# vi /var/www/html/auth-basic/index.html

<html>

<body>

<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">

Test Page for Basic Auth

</div>

</body>

</html>

[2] 使用浏览器访问该页面,要求输入用户名和密码.

Auth+PAM

使用操作系统(OS)用户账号并结合SSL连接来限制网页访问

[1] 参考之前配置生成证书。

[2] 从以下站点下载最新的 mod-auth-external 和 pwauth:

   https://code.google.com/p/mod-auth-external/

   https://code.google.com/p/pwauth/

我们想针对目录[/var/www/html/auth-pam] 下的页面进行验证.

[root@client ~]# yum -y install httpd-devel pam-devel gcc make mod_authnz_external pwauth

[root@client ~]# vi /etc/pam.d/pwauth

# create new

#%PAM-1.0

# PAM stack for the "pwauth" service: each line pulls in the matching section
# of system-auth, so logins arriving through the web server are judged by
# whatever rules system-auth defines.
# NOTE(review): this lets OS account passwords be tried over HTTP(S); confirm
# that system-auth enforces lockout or throttling (e.g. pam_faillock) before
# exposing the protected directory.
auth        include       system-auth

account     include       system-auth

session     include       system-auth

 [root@client ~]# vi /etc/httpd/conf.d/auth_pam.conf

# create new

# Load the module that provides the "external" authentication provider.
LoadModule authnz_external_module modules/mod_authnz_external.so

# Register the keyword "pwauth" for the authenticator binary at this path.
# NOTE(review): the tutorial installs pwauth with yum; a packaged binary may
# not live under /usr/local/libexec - confirm the real path (for example with
# `rpm -ql pwauth`), otherwise every login attempt will fail.
AddExternalAuth pwauth /usr/local/libexec/pwauth

# Hand the username and password to the authenticator over a pipe (its
# standard input) rather than through environment variables.
SetExternalAuthMethod pwauth pipe

 

# Protect /var/www/html/auth-pam with OS account credentials checked by pwauth.
<Directory /var/www/html/auth-pam>

    # Refuse any request for this directory that does not arrive over SSL/TLS,
    # so the Basic credentials (here, OS account passwords) are never sent in
    # clear text.
    SSLRequireSSL

    AuthType Basic

    # Realm string presented to the client in the login prompt.
    AuthName "PAM Authentication"

    # Delegate password checking to mod_authnz_external ...
    AuthBasicProvider external

    # ... using the authenticator registered above under the keyword "pwauth".
    AuthExternal pwauth

    # Every account the authenticator accepts is admitted.
    # NOTE(review): that is every OS account able to pass the pwauth PAM stack;
    # consider narrowing with `Require user <name> ...` so that unrelated or
    # privileged accounts cannot be used (or guessed) through the web server.
    require valid-user

</Directory>

# 创建一个测试页面

[root@client ~]# mkdir /var/www/html/auth-pam

[root@client ~]# vi /var/www/html/auth-pam/index.html

 <html>

<body>

<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">

Test Page for PAM Auth

</div>

</body>

</html>

[root@client ~]# systemctl restart httpd