LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 04-27-2014, 09:17 AM   #1
rblampain
Senior Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 9.2
Posts: 1,174

Rep: Reputation: 51
apache 2.2.22-13 module for authentication against /etc/shadow


OS is Debian 7
Is there a module to do the job and what is it called?
The purpose is to authenticate a large list of users before giving them access to certain files.

If not, can one suggest a C or a Perl or a Python script that will do the job, all of which I know nothing and not willing to reinvent the wheel, I am prepared however to learn how Apache2 can do that.

Thank you for your help.
 
Old 04-28-2014, 01:52 AM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
PAM module - http://www.debianhelp.co.uk/apachepam.htm
 
1 members found this post helpful.
Old 04-28-2014, 01:53 AM   #3
eklavya
Member
 
Registered: Mar 2013
Posts: 633

Rep: Reputation: 141Reputation: 141
Quote:
Originally Posted by rblampain View Post
OS is Debian 7
Is there a module to do the job and what is it called?
The purpose is to authenticate a large list of users before giving them access to certain files.

If not, can one suggest a C or a Perl or a Python script that will do the job, all of which I know nothing and not willing to reinvent the wheel, I am prepared however to learn how Apache2 can do that.

Thank you for your help.
If you are talking about authentication from browser (as you talked about apache), you can use .htaccess/.htpasswd.
It will prompt for username and password when anyone try to access any directory or any file from browser.

If you are talking about authentication from file manager. You should provide correct file permissions to directory and files.

and if you want it should ask username and password for file-manager, if anyone wants to access directory or files, use ftp service.
The directory and files will be accessible to the users who have ftp username and password.
 
1 members found this post helpful.
Old 04-29-2014, 08:02 AM   #4
rblampain
Senior Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 9.2
Posts: 1,174

Original Poster
Rep: Reputation: 51
I used sag47's solution which I undestood to be as simple as
1) installing libapache2-mod-auth-pam (which I found in one of the DVDs of my distro and installed with "synaptic")
2) including the (adjusted) following code in my "apache2/sites-available/default file:

<Directory /var/www/myrestrictedarea>
AuthType Basic
AuthName "Restricted area for My Server"
AuthPAM_Enabled On
Require group mygroup
</Directory>

I installed libapache2-mod-auth-pam, added the code to apache2/sites-available/default and adjusted lines 1, 3 and 5 in the "<directory>" according to my setup (line 3 looking like just a title or comment) and restarted apache2 but when I follow my steps in the browser, the directory for which users have to authenticate before gaining access is still accessible without authentication.

Can you tell me what I am missing? There is nothing on the Internet about that specific module except suggestions it has been replaced by something else.

Thank you.
 
Old 04-29-2014, 07:15 PM   #5
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
Looks like mod_auth_pam is no longer supported.

http://pam.sourceforge.net/mod_auth_pam/

There is a recommendation on that page to use mod_authnz_external. The wiki contains more configuration information.

Last edited by sag47; 04-29-2014 at 07:19 PM.
 
Old 04-30-2014, 06:56 AM   #6
rblampain
Senior Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 9.2
Posts: 1,174

Original Poster
Rep: Reputation: 51
Thank you sag47

Before ignoring a module that is no longer supported and trying to use a replacement, I would have thought that the no-longer-supported module should have worked, even if unsatisfactorily, because it is part of the distro in Debian 7.

Rightly or wrongly, I think whatever I missed that made the module not work is likely to show up again when I use the new supported module. Can you comment on that? What am I missing?
 
Old 04-30-2014, 09:30 AM   #7
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
Quote:
Originally Posted by rblampain View Post
Thank you sag47

Before ignoring a module that is no longer supported and trying to use a replacement, I would have thought that the no-longer-supported module should have worked, even if unsatisfactorily, because it is part of the distro in Debian 7.

Rightly or wrongly, I think whatever I missed that made the module not work is likely to show up again when I use the new supported module. Can you comment on that? What am I missing?
Sure, looking up the mod_auth_basic and how it works it's actually using Location instead of Directory directive like you had used in your example (although I know that was in the docs of the article I linked). Looking at the Apache doc examples for mod_auth_basic the AuthBasicProvider is what you could reference to try to construct your mod_auth_pam config.

According to the mod_auth_pam docs it gives you an example which would go in the .htaccess file. So you could alternatively throw that in the Location directive like in the previous paragraph I suggested in this post.

Thanks for being observant and you're right, I should have comprehended why your current config in mod_auth_pam wasn't working rather than throwing another module down your throat.

SAM

Last edited by sag47; 04-30-2014 at 09:34 AM.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Apache Module For OpenID Authentication LXer Syndicated Linux News 0 03-11-2012 09:20 AM
authentication user by /etc/shadow Thomas23 Linux - Security 2 05-22-2004 11:52 AM
PHP Authentication against /etc/shadow mpgram Programming 1 04-14-2004 12:55 AM
apache authentication module antken Linux - Security 2 01-06-2003 09:44 AM
/etc/shadow in user authentication katana Linux - General 3 06-25-2001 12:02 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration