OS is Debian 7
Is there a module to do the job and what is it called?
The purpose is to authenticate a large list of users before giving them access to certain files.

If not, can one suggest a C or a Perl or a Python script that will do the job, all of which I know nothing and not willing to reinvent the wheel, I am prepared however to learn how Apache2 can do that.

Thank you for your help.

PAM module - http://www.debianhelp.co.uk/apachepam.htm

1 members found this post helpful.

If you are talking about authentication from browser (as you talked about apache), you can use .htaccess/.htpasswd.
It will prompt for username and password when anyone try to access any directory or any file from browser.

If you are talking about authentication from file manager. You should provide correct file permissions to directory and files.

and if you want it should ask username and password for file-manager, if anyone wants to access directory or files, use ftp service.
The directory and files will be accessible to the users who have ftp username and password.

1 members found this post helpful.

I used sag47's solution which I undestood to be as simple as
1) installing libapache2-mod-auth-pam (which I found in one of the DVDs of my distro and installed with "synaptic")
2) including the (adjusted) following code in my "apache2/sites-available/default file:

<Directory /var/www/myrestrictedarea>
AuthType Basic
AuthName "Restricted area for My Server"
AuthPAM_Enabled On
Require group mygroup
</Directory>

I installed libapache2-mod-auth-pam, added the code to apache2/sites-available/default and adjusted lines 1, 3 and 5 in the "<directory>" according to my setup (line 3 looking like just a title or comment) and restarted apache2 but when I follow my steps in the browser, the directory for which users have to authenticate before gaining access is still accessible without authentication.

Can you tell me what I am missing? There is nothing on the Internet about that specific module except suggestions it has been replaced by something else.

Thank you.

Looks like mod_auth_pam is no longer supported.

http://pam.sourceforge.net/mod_auth_pam/

There is a recommendation on that page to use mod_authnz_external. The wiki contains more configuration information.

Thank you sag47

Before ignoring a module that is no longer supported and trying to use a replacement, I would have thought that the no-longer-supported module should have worked, even if unsatisfactorily, because it is part of the distro in Debian 7.

Rightly or wrongly, I think whatever I missed that made the module not work is likely to show up again when I use the new supported module. Can you comment on that? What am I missing?

Sure, looking up the mod_auth_basic and how it works it's actually using Location instead of Directory directive like you had used in your example (although I know that was in the docs of the article I linked). Looking at the Apache doc examples for mod_auth_basic the AuthBasicProvider is what you could reference to try to construct your mod_auth_pam config.

According to the mod_auth_pam docs it gives you an example which would go in the .htaccess file. So you could alternatively throw that in the Location directive like in the previous paragraph I suggested in this post.

Thanks for being observant and you're right, I should have comprehended why your current config in mod_auth_pam wasn't working rather than throwing another module down your throat.

SAM

1 members found this post helpful.