当前位置: 首页 > 工具软件 > SW-HTTPD > 使用案例 >

httpd 密码验证

封梓
2023-12-01

httpd访问控制:用户授权—>官方指南:http://httpd.apache.org/docs/2.4/howto/auth.html
注1: http2.2/http2.4的访问控制,配置方式是通用的
注2:生成密码文件(-m:md5,默认选项): htpasswd [-c] [-b] [-m] /etc/httpd/http.users tom [-b的密码]

操作系统http版本
centos6http2.2
centos7http2.4

1, 网站验证授权: 基于用户名/密码

#1,配置站点:
[root@c7 conf.d]# grep DocumentRoot /etc/httpd/conf/httpd.conf 
# DocumentRoot: The directory out of which you will serve your
DocumentRoot "/var/www/html"
   
[root@c7 conf.d]# mkdir -p /var/www/html/admin/
[root@c7 conf.d]# echo "admin" >/var/www/html/admin/index.html 
[root@c7 conf.d]# curl c7:80/admin/
admin

#2, 添加密码验证配置
#--------------添加用户名密码:数据文件/etc/httpd/http.users--------------
#tom:123
#jerry:456
#test:123456
[root@c7 ~]# htpasswd -c /etc/httpd/http.users tom
New password: #密码:123
Re-type new password: 
Adding password for user tom
[root@c7 ~]# cat /etc/httpd/http.users 
tom:$apr1$BYpkVDFf$w0vnrc8D0ecklq69NKciW1

[root@c7 ~]# htpasswd /etc/httpd/http.users jerry
New password: #密码:456
Re-type new password: 
Adding password for user jerry

[root@c7 ~]# htpasswd -b /etc/httpd/http.users test 123456 #密码:123456
Adding password for user test
[root@c7 ~]# cat /etc/httpd/http.users 
tom:$apr1$BYpkVDFf$w0vnrc8D0ecklq69NKciW1
jerry:$apr1$/kCjFP.P$haIHJ8c66US631W40Sw1A1
test:$apr1$3idpMzlY$HoASzcDTYnElVykDwoD84/

#--------------为站点添加密码验证: 基于用户名/密码--------------
[root@c7 conf.d]# pwd
/etc/httpd/conf.d
[root@c7 conf.d]# cat mypass.conf 

<Directory /var/www/html/admin>
    Options None
    AllowOverride None   
    AuthType basic
    AuthName " please input name/passwd:"

    #基于username/passwd
    AuthUserFile "/etc/httpd/http.users"
    Require user tom jerry
    #Require valid-user 

    #基于group
    #AuthUserFile "/etc/httpd/http.users"
    #AuthGroupFile "/etc/httpd/http.groups"
    #Require group admins
</Directory>

#--------------测试密码验证是否生效--------------
[root@c7 conf.d]# curl -u tom:123 c7:80/admin/
admin
[root@c7 conf.d]# curl -u jerry:456 c7:80/admin/
admin
[root@c7 conf.d]# curl -u test:123456 c7:80/admin/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>

2, 网站验证授权: 基于组


#--------------为站点添加密码验证: 基于组--------------
[root@c7 conf.d]# pwd
/etc/httpd/conf.d
[root@c7 conf.d]# cat /etc/httpd/http.users 
tom:$apr1$BYpkVDFf$w0vnrc8D0ecklq69NKciW1
jerry:$apr1$/kCjFP.P$haIHJ8c66US631W40Sw1A1
test:$apr1$3idpMzlY$HoASzcDTYnElVykDwoD84/
[root@c7 conf.d]# cat /etc/httpd/http.groups 
admins: tom test
[root@c7 conf.d]# cat mypass.conf 

<Directory /var/www/html/admin>
    Options None
    AllowOverride None    
    AuthType basic
    AuthName " please input name/passwd:"

    #基于username/passwd
    #AuthUserFile "/etc/httpd/http.users"
    #Require user tom jerry

    #基于group
    AuthUserFile "/etc/httpd/http.users"
    AuthGroupFile "/etc/httpd/http.groups"
    Require group admins
</Directory>

#--------------测试密码验证是否生效--------------
[root@c7 conf.d]# curl -u tom:123 c7:80/admin/
admin
[root@c7 conf.d]# curl -u jerry:456 c7:80/admin/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>

 类似资料: