AIXtm mtXIA :
Technical Consulting Group
kshAuth - Authentication and Authorization System for Apache Web Server
kshAuth - Authentication and Authorization Interface for Apache
2.2+ Web Server
Installation instructions for kshAuth
- kshAuth is being installed on a system that currently has
Korn Shell 93
installed at "
- kshAuth is being installed on a system currently running Apache
- A document directory called "htdocs" exists on your Apache 2.2+ web
- The "htpasswd" command exists at the location
- Problems have been observed attempting to run kshAuth with Apache
2.2+ where the apache binaries have been installed from an "rpm"
archive. It is recommended that Apache 2.2+ be compiled from source
code for best results.
The kshAuth Directory Based Authorization System is
distributed as a gzipped tarball and normally has a name
Where X.XX represents the version number.
To extract the utilities contained in the gzipped
tarball - perform these tasks in the following order:
- Login to the system hosting the Apache 2.2+ web
server as "root".
- Download the gzipped tarball into the "/tmp"
directory of the system running the Apache 2.2+ web
server, where it is to be installed.
- Change to the top level Apache directory, this will
be the directory immediately above the "cgi-bin" and
"htdocs" directories. The example used in the
remainder of this installation guide will be
- Extract the gzipped tarball using one of the
gzip -cd /tmp/kshAuth-X.XX.tar.gz | tar -xvf -
tar -xvf /tmp/kshAuth-X.XX.tar
- Determine the user and group associated with the
Apache "httpd" processes:
egrep 'User|Group' /usr/local/apache2/conf/*.conf
For example purposes, the user "daemon" and the group
"daemon" will be used in the following steps. Substitute
this example user and group with your actual user and
- Change the owner and group of all kshAuth files to
your "httpd" user and group, also set the permissions
chown -R daemon:daemon ./kshAuth
chown -R daemon:daemon ./cgi-bin/kshAuth
chown -R daemon:daemon ./htdocs/kshAuth
chmod -R 775 ./kshAuth
chmod -R 555 ./cgi-bin/kshAuth
chmod -R 775 ./htdocs/kshAuth
The "./kshAuth" and "./htdocs/kshAuth" directories
require "write" permission so the utilities can
create/modify/delete password protection information.
- Modify the "httpd.conf" file to allow options to be
overridded by the contents of the ".htaccess" file.
Change the "AllowOverride" directive to "All"
- Restart the Apache 2.2+ web server to activate the
- Place all content to be password protected under the
- Perform test by accessing the kshAuth Utilities page:
Where "localhost" can be replaced by the name of your
Apache web server.
If the directory administrator password does not work,
you may need to regenerate the directory administrator
password files. To do this, change directories into the
top level kshAuth authorization directory and run the
/usr/sbin/htpasswd2 -c -b -s .diradmin admin password
/usr/sbin/htpasswd2 -c -b -s .AID_admin admin password
For information regarding this page, contact
Dana French ( firstname.lastname@example.org )