Basic Auth + PAM2012/06/11 |
Configure httpd and set a page that people must authenticate and the authentication is from PAM.
|
|
[1] | Install mod-auth-external and pwauth. |
[root@www ‾]#
[root@www ~]# yum -y install httpd-devel pam-devel wget http://mod-auth-external.googlecode.com/files/mod_authnz_external-3.2.6.tar.gz [root@www ~]# wget http://pwauth.googlecode.com/files/pwauth-2.3.10.tar.gz [root@www ~]# tar zxvf mod_authnz_external-3.2.6.tar.gz [root@www ~]# cd mod_authnz_external-3.2.6 [root@www mod_authnz_external-3.2.6]# apxs -c mod_authnz_external.c [root@www mod_authnz_external-3.2.6]# apxs -i mod_authnz_external.la [root@www mod_authnz_external-3.2.6]# [root@www ~]# tar zxvf pwauth-2.3.10.tar.gz [root@www ~]# cd pwauth-2.3.10
[root@www pwauth-2.3.10]#
vi config.h # line 126: make it comment /* #define SHADOW_SUN
# line 134: uncomment #define PAM # line 281: change ( httpd's executing ID ) #define SERVER_UIDS 48 /* user "apache " */
[root@www pwauth-2.3.10]#
vi Makefile # line 10: make it comment # LIB= -lcrypt
# line 14: uncomment LIB=-lpam -ldl make [root@www pwauth-2.3.10]# cp pwauth /usr/local/libexec/ [root@www pwauth-2.3.10]# chmod 4755 /usr/local/libexec/pwauth [root@www pwauth-2.3.10]#
[root@www ~]#
vi /etc/httpd/conf/httpd.conf # near line 217: add LoadModule authnz_external_module modules/mod_authnz_external.so AddExternalAuth pwauth /usr/local/libexec/pwauth SetExternalAuthMethod pwauth pipe
[root@www ~]#
vi /etc/pam.d/pwauth # create new #%PAM-1.0 auth include system-auth account include system-auth session include system-auth
[root@www ~]#
vi /etc/httpd/conf.d/auth_pam.conf # for example, users must authenticate under /var/www/html/test <Directory /var/www/html/test> SSLRequireSSL AuthType Basic AuthName "PAM Authentication" AuthBasicProvider external AuthExternal pwauth require valid-user </Directory>
[root@www ~]#
systemctl restart httpd.service # create a test page
[root@www ~]#
vi /var/www/html/test/index.html <html> <body> <div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;"> Test Page for PAM Auth </div> </body> </html> |
Access to the test page with web browser, then authentication is required as a config. Input a user in local /etc/passwd and authenticate here. |
Just accessed. |
Sponsored Link |
|