The info you are looking for is here Apache Authentication and Authorization.
This is what I have on my apache conf for each dir I want users to use a password for.
I have to put the username of each user I want to give access to here, there is another way to manage users though, using the AuthGroupFile
, but I don't have many since I use this for a simple file server for a yum repository.
<Directory "your_dir" >
AuthType Basic
AuthName "Restricted Access"
# Optional line:
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
# AuthGroupFile /usr/local/apache/passwd/groups
Require user username1 username2 username3
</Directory>
The syntax of the password file is something like:
username1:$apr1$fdafdsafdafdafsafda
username2:$apr1$fdafdsafdafdafsafda
But that file shouldn't be manually created, there is a tool for that, htpasswd
.
I have this in my code when adding new users:
def add_password(passwords_file,user,password)
if File.exists? passwords_file
unless File.readlines(passwords_file).grep(/#{user}/).size > 0
%x[htpasswd -b #{passwords_file} #{user} #{password}]
end
else
%x[htpasswd -c -b #{passwords_file} #{user} #{password}]
end
end
Hope this helps!