5,576
edits
Changes
Jump to navigation
Jump to search
Line 236:
Line 236: + Line 247:
Line 248: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→Procedure - authentication against groups
==== Procedure - authentication against groups ====
==== Procedure - authentication against groups ====
* Forum's references
Two methods are outlined in this forum post
Two methods are outlined in this forum post
http://forums.contribs.org/index.php/topic,38959.msg177967.html#msg177967
http://forums.contribs.org/index.php/topic,38959.msg177967.html#msg177967
* Unixgroup
You have to download a plugin of pwauth to authenticate unix group in SME Server 8 : http://code.google.com/p/pwauth/
For SME Server 9 a nfr is raised see [[bugzilla:3690]]
wget http://pwauth.googlecode.com/files/pwauth-2.3.10.tar.gz
tar xvzf pwauth-2.3.10.tar.gz
cp pwauth-2.3.10/unixgroup /usr/lib/httpd/modules/
chown root:www /usr/lib/httpd/modules/unixgroup
chmod 750 /usr/lib/httpd/modules/unixgroup
We need to create a new fragment<br />
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
{
$OUT .= " AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n";
$OUT .= " SetExternalGroupMethod ugroup environment\n";
}
[root@sme8 ~]# expand-template /etc/httpd/conf/httpd.conf
After that you are able to check for group membership using following code in .htaccess-Files:
(be sure that you are allowed to "AllowOverride AuthConfig" in your directory-rule from apache.
AuthName "mySite"
AuthType Basic
AuthExternal pwauth
GroupExternal ugroup
Require group mygroup
Satisfy all
mygroug must be a valid group on your server. After that you are able to check for group-membership. Usethis syntax if you have several group : group1 group 2 group 3
If you want to allow groups and certain users you can do like this.
AuthName "mySite"
AuthType Basic
AuthExternal pwauth
GroupExternal ugroup
AuthzUserAuthoritative off
Require group group 1 group2 group3
Require user admin pierre paul
Satisfy all
=== Testing ===
=== Testing ===