Manual Pages
Table of Contents
na_httpd.access - authentication controls for HTTP access
/etc/httpd.access
The HTTP daemon can apply authentication controls to individual
users or groups on a per directory basis. The file
/etc/httpd.access specifies the following items for each
access-controlled tree:
the path to the tree
the authority required to authenticate access to
the tree
the lists of users or groups who are permitted
access when authenticated
The syntax is the same as the access control syntax used
by NCSA and Apache. However, the httpd.access file only
supports a subset of directives supported by NCSA and
Apache. You can copy an existing NCSA or Apache access to
the filer without editing or reformatting.
The supported directives are:
<Directory directory_name>
</Directory>
AuthName Title phrase
require user user_id[, user_id,...]
require group group_id[, group_id,...]
where Title phrase is a word or phrase that is passed to
the authentication dialog as a title for the dialog that
prompts the user for a password.
The following example restricts access to the file
/home/htdocs/private/bob so that only user dole can access
it, after supplying the required password. The authentication
dialog is titled ``My private stuff.''
<Directory /home/htdocs/private/bob>
AuthName My private stuff
<Limit GET>
require user dole
</Limit>
</Directory>
The <Limit GET> and </Limit> directives are not supported,
but are retained for format consistency with NCSA and
Apache. The filer just ignores them.
The following example restricts access to the directory
tree /home/htdocs/private/conspiracy to the group ``guyinblack'',
which consists of the users whose IDs are cancer,
deepthroat, mrx, and skinner. The authentication dialog
is titled ``Area 51.''
<Directory /home/htdocs/private/conspiracy>
AuthName Area 51
<Limit GET>
require group guyinblack
</Limit GET>
</Directory>
In this example, ``guyinblack'' is defined by the following
entry in /etc/httpd.group:
guyinblack: cancer deepthroat mrx skinner
The following example requires the client to provide a
Windows Domain username and password to access the directory
tree /home/htdocs/win. The authentication dialog is
``Windows(tm) Authentication'' This authentication dialog,
typed exactly as presented here, is required to enforce
NTLM authentication.
<Directory /home/htdocs/win>
AuthName Windows(tm) Authentication
</Directory>
If this authentication control is used the Filer must have
CIFS running, and either be a member of a Windows Domain
or be using Local User authentication.
Any changes take effect within 5 minutes
Changes are persistent across system reboots.
na_httpd.passwd(5), na_httpd.group(5).
Only the directives listed above are supported; other
directives that may appear in NCSA or Apache access files
are ignored.
Table of Contents