Apache Authentication and Order Allow, and Deny - From Apache: The Definitive Guide (5/6) | WebReference

Apache Authentication and Order Allow, and Deny - From Apache: The Definitive Guide (5/6)

Apache: The Definitive Guide, Chapter 5: Authentication

If you provoke it with dbmmanage -?, you get:

Usage: dbmmanage [enc] dbname command [username [pw [group[,group] [comment]]]]
    where enc is  -d for crypt encryption (default except on Win32, Netware)
                  -m for MD5 encryption (default on Win32, Netware)
                  -s for SHA1 encryption
                  -p for plaintext
    command is one of: add|adduser|check|delete|import|update|view
    pw of . for update command retains the old password
    pw of--(or blank) for update command prompts for the password
    groups or comment of . (or blank) for update command retains old values
    groups or comment of--for update command clears the existing value
    groups or comment of--for add and adduser commands is the empty value
takes the following arguments:
dbmmanage [enc] dbname command [username [pw [group[,group] [comment]]]]
'enc' sets the encryption method:
-d for crypt (default except Win32, Netware)
-m for MD5 (default on Win32, Netware)
-s for SHA1 
-p for plaintext

So, to add our four users to a file /usr/www/APACHE3/ok_dbm/users, we type:

% dbmmanage /usr/www/APACHE3/ok_dbm/users.db adduser bill 
New password:theft
Re-type new password:theft
User bill added with password encrypted to vJACUCNeAXaQ2 using crypt

Perform the same service for ben, sonia, and daphne. The file ... /users is not editable directly, but you can see the results by typing:

% dbmmanage /usr/www/APACHE3/ok_dbm/users view

You can build a group file with dbmmanage,but because of faults in the script that we hope will have been rectified by the time readers of this edition use it, the results seem a bit odd. To add the user fred to the group cleaners, type:

% dbmmanage /usr/www/APACHE3/ok_dbm/group add fred cleaners

(Note: do not use adduser.) dbmmanagerather puzzlingly responds with the following message:

User fred added with password encrypted to cleaners using crypt

When we test this with:

% dbmmanage /usr/www/APACHE3/ok_dbm/group view

we see:


which is correct, because in a group file the name of the group goes where the encrypted password would go in a password file.

Since we have a similar file structure, we invoke DBM authentication in ... /conf/httpd.conf by commenting out:

#AuthUserFile /usr/www/APACHE3/ok_users/sales
#AuthGroupFile /usr/www/APACHE3/ok_users/groups

and inserting:

AuthDBMUserFile /usr/www/APACHE3/ok_dbm/users 
AuthDBMGroupFile /usr/www/APACHE3/ok_dbm/users

AuthDBMGroupFile is set to the samefile as the AuthDBMUserFile. What happens is that the username becomes the key in the DBM file, and the value associated with the key is password:group. To create a separate group file, a database with usernames as the key and groups as the value (with no colons in the value) would be needed.

Created: March 3, 2003
Revised: March 3, 2003

URL: http://webreference.com/internet/apache/chap5/2/5.html