Contact Us | Products/Services | Korn Shell | MicroEMACS


AIXtm mtXIA :
Technical Consulting Group
kshAuth - Authentication and Authorization System for Apache Web Server

 

Installation


Current:Installation
Previous:kshAuth
Home Page

kshAuth
Tutorial
Change Top Dir
Look and Feel

kshAuth - Authentication and Authorization Interface for Apache 2.2+ Web Server

Version 0.2


Installation instructions for kshAuth

Assumptions:

  • kshAuth is being installed on a system that currently has Korn Shell 93 installed at "/usr/bin/ksh93".
  • kshAuth is being installed on a system currently running Apache 2.2+.
  • A document directory called "htdocs" exists on your Apache 2.2+ web server.
  • The "htpasswd" command exists at the location "/usr/sbin/htpasswd2".

Recommendations:

  • Problems have been observed attempting to run kshAuth with Apache 2.2+ where the apache binaries have been installed from an "rpm" archive. It is recommended that Apache 2.2+ be compiled from source code for best results.

The kshAuth Directory Based Authorization System is distributed as a gzipped tarball and normally has a name such as:

kshAuth-X.XX.tar.gz

Where X.XX represents the version number.

To extract the utilities contained in the gzipped tarball - perform these tasks in the following order:

  1. Login to the system hosting the Apache 2.2+ web server as "root".
  2. Download the gzipped tarball into the "/tmp" directory of the system running the Apache 2.2+ web server, where it is to be installed.
  3. Change to the top level Apache directory, this will be the directory immediately above the "cgi-bin" and "htdocs" directories. The example used in the remainder of this installation guide will be "/usr/local/apache2".
  4. Extract the gzipped tarball using one of the following methods:

    cd /usr/local/apache2
    gzip -cd /tmp/kshAuth-X.XX.tar.gz | tar -xvf -
    

    OR

    cd /tmp
    gunzip /tmp/kshAuth-X.XX.tar.gz
    cd /usr/local/apache2
    tar -xvf /tmp/kshAuth-X.XX.tar
    

  5. Determine the user and group associated with the Apache "httpd" processes:

    egrep 'User|Group' /usr/local/apache2/conf/*.conf
    

    For example purposes, the user "daemon" and the group "daemon" will be used in the following steps. Substitute this example user and group with your actual user and group name.

  6. Change the owner and group of all kshAuth files to your "httpd" user and group, also set the permissions as shown.

    cd /usr/local/apache2
    chown -R daemon:daemon ./kshAuth
    chown -R daemon:daemon ./cgi-bin/kshAuth
    chown -R daemon:daemon ./htdocs/kshAuth
    chmod -R 775 ./kshAuth
    chmod -R 555 ./cgi-bin/kshAuth
    chmod -R 775 ./htdocs/kshAuth
    

    The "./kshAuth" and "./htdocs/kshAuth" directories require "write" permission so the utilities can create/modify/delete password protection information.

  7. Modify the "httpd.conf" file to allow options to be overridded by the contents of the ".htaccess" file. Change the "AllowOverride" directive to "All"

    AllowOverride All
    

  8. Restart the Apache 2.2+ web server to activate the configuration changes.
  9. Place all content to be password protected under the directory:

    /usr/local/apache2/htdocs/kshAuth
    

  10. Perform test by accessing the kshAuth Utilities page:

    http://localhost/cgi-bin/kshAuth/utilities.cgi
    

    Where "localhost" can be replaced by the name of your Apache web server.


If the directory administrator password does not work, you may need to regenerate the directory administrator password files. To do this, change directories into the top level kshAuth authorization directory and run the following commands:

cd  /usr/local/apache2/kshAuth
/usr/sbin/htpasswd2 -c -b -s .diradmin   admin  password
/usr/sbin/htpasswd2 -c -b -s .AID_admin  admin  password

 

For information regarding this page, contact Dana French ( dfrench@mtxia.com )