Re: LAS Password Protection

To: oar.pmel.las_users@xxxxxxxx
Subject: Re: LAS Password Protection
From: J-M Epitalon <Jean-Marie.Epitalon@xxxxxxxxxx>
Date: Wed, 23 Mar 2005 14:41:01 +0100
Reply-to: Jean-Marie.Epitalon@xxxxxxxxxx
Sender: owner-las_users@xxxxxxxxxxxxx

Hi all,

I also need to apply password protection to my LAS server.
I run Apache 2.0 and what said Toni does not apply exactly to me.

I tried the following but it does not work.
<Directory $home/las/las_servlet/jakarta/webapps/ >
AuthType Basic
AuthName  "Mersea Access "
AuthUserFile $home/users-valid
require valid-user
</Directory>


Before reading thru Apache and Tomcat documentation, I would like to
know if someone already set a password protection to a LAS based on
Apache 2.0

Also I would like to understand this:
Is the Tomcat server using Apache as front end or is it serving HTML
pages by its own ?

Please help.

Jean-Marie


On Tue, 2005-02-08 at 18:15, Jonathan Callahan wrote: 
> Toni Jolibois answers: 
> >        Hi all,
> > 
> > A response to the mail below.
> > I have a LAS configured with an http authentification :
> > http://las.mersea.eu.org.
> > Here is my Apache configuration (Warning : this is an Apache 1.3, I
> > don't know if the new Apache 2 which I recommend have the same
> > syntax for the configuration) :
> > 
> > In the httpd.conf, I have a virtual host ($home is the path of the
> > mersea user, change it with the good one for you) :
> > 
> > <VirtualHost las.mersea.eu.org>
> >     ServerAdmin webmaster@mersea.eu.org
> >     DocumentRoot $home/las/las_servlet/jakarta/webapps/
> >     DirectoryIndex index.html
> >     RedirectMatch  /index.html /las/servlets/dataset
> >     ServerName las.mersea.eu.org
> >     ErrorLog logs/las.mersea.eu.org-error_log
> >     CustomLog logs/las.mersea.eu.org-access_log common
> >     ScriptAlias  /las-bin/ $home/las/server/
> >     Alias /las-output/ $home/las/server/output/
> >     Include /etc/httpd/conf/mod_jk.conf-mersea
> > </VirtualHost>
> > 
> > By default, this configuration file parse the access.conf placed in
> > the same directory, but you can put these lines into the httpd.conf.
> > Here is my access.conf :
> > 
> > #
> > # This is the default file for the AccessConfig directive in
> > httpd.conf.
> > # It is processed after httpd.conf and srm.conf.
> > #
> > # To avoid confusion, it is recommended that you put all of your
> > # Apache server directives into the httpd.conf file and leave this
> > # one essentially empty.
> > #
> > <Directory $home/las/las_servlet/jakarta/webapps/ >
> > Options -Indexes
> > AllowOverride All
> > AuthType Basic
> > AuthName  "Mersea Access "
> > AuthUserFile $home/users-valid
> > <Files "*">
> > require valid-user
> > </Files>
> > </Directory>
> > 
> > I created the $home/users-valid with the Apache utility "htpasswd"
> > in order to have a user and an encrypted password.
> > Please see http://httpd.apache.org/docs/howto/auth.html for Apache
> > 1.3 and http://httpd.apache.org/docs-2.0/howto/auth.html for Apache
> > 2, all is explained.
> > 
> > Note that there is an other way to configure http password for a
> > virtual host and not for a directory.
> > 
> > If you have specific question please send me a mail.
> > 
> > Regards,
> > Tony Jolibois 
> 
> 
> benb wrote: 
> > Hello All,
> > 
> > To satisfy the data access policy for my project I need to require a logon to
> > my LAS site (anyone can get a password, we just need to keep track of everyone
> > that accesses the site).  I saw "Adding password protection" in the FAQ at
> > http://ferret.pmel.noaa.gov/Ferret/LAS/FAQ/password_protection.htm but this 
> > does
> > not work and seems to apply to version 5 and below.  I'm running LAS 6.3.  Can
> > anyone tell me how to achieve password protection with this version?
> > 
> > The following is what I put in Apache httpd.conf (which doesn't work):
> >  
> > -----
> > Alias /las "/usr/local/las/las/las_servlet/jakarta/webapps/las"
> > <Directory /usr/local/las/las/las_servlet/jakarta/webapps/las/>
> >     AddHandler cgi-script .pl
> >     Options +ExecCGI
> >     AuthUserFile /usr/local/apache2/.auto_pass/.auto_pass.txt
> >     AuthGroupFile /dev/null
> >     AuthName 'WTF-CEOP members'
> >     AuthType Basic
> >     <Limit GET POST >
> >     require valid-user
> >     </Limit>
> > </Directory>
> > ------
> > 
> > 
> > Thank you,
> > 
> > Ben
> > 
> > 
> >

Previous by thread: Re: LAS Password Protection
Next by thread: Re: LAS Password Protection

[Thread Prev][Thread Next][Index]

Dept of Commerce / NOAA / OAR / PMEL / TMAP
Contact Us | Privacy Policy | Disclaimer | Accessibility Statement