Apache web directory password protection

Similar Messages

• Publish a web-viewable password-protected calendar?

  Is there any way to publish a web-viewable password-protected calendar?
  There is info here about publishing to your iDisk w/ password protection:
  http://docs.info.apple.com/article.html?artnum=61725
  But I need something that doesn't require iCal to access! For instance something that I could access via a web browser on a public computer, and would have to input a password to access.
  Is this possible, or is this a missing functionality?

  Hi UniAce, apparently in one of the recent versions of iCal you can now publish your ICS file (from iCal 'publish' command) onto a private server that is not WebDav... which was the requirement in the past.
  View your iCalendar on the web
  Here is a link to a program called PHP iCalendar that basically uses your ICS file that you've 'published' via iCal and makes it into a viewable HTML calendar.
  My problem with it
  I don't have .Mac and haven't tried it with that, but even though the program works great after a bit of installation (you should be comfortable with HTML editing to use PHP iCalendar, but not necessarily PHP) I could not get iCal to export my ICS file properly – it appeasr to upload properly in iCal, but then the file is 0 bytes on the server which is, in turn, making PHP iCalendar have a problem viewing it.
  How I got around it
  I ended up finding the 'resource' file that had my calendar and setup an automator action that locates that file, copies it to a location on my hard drive, renames it then 'opens' it with a Transmit droplet, which uploads it where I want it.
  Hope this helps, let me know if it's something that may work for you.
  12 PB G4, 1.33Ghz, 1.25 RAM   Mac OS X (10.4.6)  

• I web 09 password protect

  Hi
  Is there a way to password protect the website in iweb 09?

  Select the Sitename in the lefthand column.
  If you publish to MobileMe you can make the site private.
  If you publish at a 3rd party webhost, you have to protect your Site in the admin panel at your host.

• How to password protect non .mac web site

  does anyone have step-by-step directions on how to make my web page password protected on a non .mac web space?
  for example, http://www.yoursite.net/~userid
  My internet service provider does not support web page creation, they just provide the space.
  The only thing they said was the path to my directory is /rmgrazi/public_html/ and I should create my index.html file inside the public folder. I've tried creating and uploading a .htaccess file in the public folder, and then putting a .htpasswd file in my root directory /rmgrazi/
  This doesn't seem to work. Any advice appreciated. Thanks.

  Thanks for your help -- I'm not an expert by any means -- this is my first website... just wanting to put up a family website to share with friends & people I know.
  OK, the url is http://www.hickorytech.net/~rmgrazi/
  Right now I just have a blank page up that says "test website"
  My .htaccess file is located in /rmgrazi/public_html/ (yes, I put it inside the public folder in order to password protect my whole site).
  By the way I'm using TextEdit in OS X, so when I upload the original file with Fetch, it looks like htaccess.txt -- after it's uploaded (as text, not binary of course) then I simply change the name to .htaccess
  My .htaccess file includes the following:
  AuthUserFile /rmgrazi/.htpasswd
  AuthName Members Area
  AuthType Basic
  Require valid-user
  Then I uploaded the .htpasswd one level up to /rmgrazi/ like it says in .htaccess.
  The text in this file is just one line with my username:password (the password is written in code). I found a website that does this automatically. Then I just cut & paste it in apple+v
  I tried using the Terminal application in OS X panther to see if the server path needs to be longer -- I logged into my ftp.hickorytech.net and entered "pwd" -- that command is supposed to show the server path. /rmgrazi/public_html/ are the only folders I can see. "/" is as far back as it will show.
  In Fetch I can change the permissions for .htaccess and .htpasswd by clicking Get Info -- I tried all different combinations, 644, 711, etc... Maybe my permissions are set wrong?

• Password protecting swf file

  I'm creating a html page with price guides which are in flash
  swf files. I have the web pages password protected but anyone that
  is somewhat computer savy can get around that by finding the price
  guide swf files. Is there a way to password protect them from
  opening the swf files?

  You can zip it with a password (encrypt it). Unfortunately that option, even though it comes as
  standard equipment, is available only from the command line (terminal.app).
  http://opensoul.org/2007/4/9/creating-encrypted-zip-archives-with-os-x
  You may create an encrypted sparse image on your desktop and store your files
  in it. It's portable too,
  just copy the encrypted image to a flash drive and take it with you.
  http://support.apple.com/kb/HT1578
  There is "Meo" (a free file encryption utility):
  http://www.nchsoftware.com/encrypt/index.html
  There is openssl (comes with OS X), a command line tool (terminal):
  http://osxdaily.com/2007/05/02/quickly-encrypt-a-file-with-openssl/
  True Crypt (one of the most powerful solutions out there - and its free):
  http://www.truecrypt.org/
  Cryptor (a simple easy solution):
  http://www.limiter-inc.com/cryptor.html
  Kj ♘
  There are tons more of them out there, but I recommend these, because the price is right
  and they will get the job done.

• Apache Web Agent can't reset the session idle time value, pls help.

  Hi, all
  I'm using Apache Web Agent to protect an application, when I enter the application and do some actions in the application, I find my session's idle time value in the AM console can't be reset to zero, and after the idle time, the session will be time out.
  And the session's idle time can be reset to zero when I enter another application that protected by IIS Agent, or when I operate on AM console directly.
  My environment:
  Apache 1.3.33
  Web Agent 2.2
  RedHat Linux AS 3
  Access Manager 7.0 Patch9
  I have found a page with google, but have no answer:
  http://forums.sun.com/thread.jspa?threadID=5402511
  Please help.
  Thanks in advance!
  Shen

  Thanks for the reply, Shivaram. The issue appears to occur at random time, not accurately at the 3 min interval as you mention. I tested changing this value to 1, theoretically, after one 1 minute of idle time, accessing a link would make the agent reset the time idle value for the user session in SAM, but it didn't even after 3 minutes. This seems to be either a policy agent or system access manager bug.
  We performed a 'vanilla' test using the apache server manual pages (only plain HTML, no POST requests), the pages are protected by the policy agent. At the first login, rwe were prompted to enter credential to be validated by SAM/LDAP, and then a user session is created in SAM session table. We browse around the manual pages, once in a while, certain pages cause the policy agent to reset the time idle. However, revisiting these links after a few minutes doesn't reset the idle value. Caching setting has been disable as well. Could there be or lack of some settings in AMConfig.properties or AMAgent.properties that might have caused this behavior?
  Thanks for all your help,

• Does Apache in 10.6 support Web directory protection using .htpasswd?

  I am trying to protect a directory on my mac os 10.6 Web Sharing server using .htpasswd to no avail. I am creating an .htaccess and an .htpasswd file in the directory with what I think are proper configurations. Has anyone done this successfully? Am I missing something? Does the default setup in Snow Leopard allow for this? Is there a better way? Are these too many questions in a row?

  It was my understanding that one creates the .htpasswd file inside the directory that one is protecting, no?
  You can do that, but it's hardly recommended. Ideally the password file should be completely outside of the web directory since that makes it harder for someone to get access to it. If it's anywhere in the web directory tree then there's a chance that a remote user could get access to it (via some as-yet-unknown web server compromise) and there go all your passwords.
  .htaccess has to be in the directory it relates to, but .htpasswd can (and should) be elsewhere.
  and then created an .htaccess file alongside it with the entry shown in my original post.
  Sure, but that .htaccess file includes the path to the .htpasswd file to use for authentication.
  Just edit that line to the full path to your .htpasswd file.
  I'm not sure but I don't even see sever logs where I expected at:
  /private/var/log/httpd/access_log
  Under Apache 2 the logs are in /var/log/apache2/
  Also it appears that there are two apache2 folders:
  /etc/apache2/
  /private/etc/apache2/
  It doesn't matter. /etc is really a symlink to /private/etc. It's there mostly for compatiblity with unix apps that expect /etc.

• Trying to password protect a directory in my portal web server

  I have a third party web file manage called ckfinder that i am testing for a client and it works fine. However, when i try to password protect the directory using .htaccess file, it doesn't work. It starts out by kicking me to the SSO logine page, which is fine. But when i put a valid user name and password, it displays a page cannot be displayed error with the url being:
  https://infra.portal2.bynum.com:4443/sso/auth
  I checked the ssoServer.log and this is what it reads:
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 FilePolicyManager.getAuthLevel: papp success Url=http://por
  tal2.bynum.com/bellin/ckfinder/_samples/php/osso_login_success
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 FilePolicyManager.getAuthLevel: pappHostPort=portal2.bynum.
  com
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 No auth level found. Returning DefaultAuthLevel
  Wed Jun 18 16:52:24 CDT 2008 [INFO] AJPRequestHandler-ApplicationServerThread-10 FilePolicyManager.getAuthLevel returns 40
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 Requested Auth Level: 40
  Wed Jun 18 16:52:24 CDT 2008 [INFO] AJPRequestHandler-ApplicationServerThread-10 Entered SSOLoginServlet: :processSSOPartnerRequest method ..
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 AuthUtil: SSO Cookie received: null
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 Current Auth Level: -1
  Wed Jun 18 16:52:24 CDT 2008 [DEBUG] AJPRequestHandler-ApplicationServerThread-10 Header Accept: */*
  Any ideas??

  ok, i found out the problem. My web server was inproperly configured with by SSO Server. I reconfigured the server with the defaults and ran again and all worked fine..

• How to Password Protect a Directory so all Files are Protected?

  Hello CFers and Happy Holidays,
  I am moving a web site over from a Linux server over to a
  Windows 2000 server. The site was currently password protected via
  the oh so familiar .htaccess method on the Linux server. Now that
  the site is on IIS on Windows, the .htaccess files don't work.
  I have created a MSSQL database with a users table that
  contains all of the username and passwords that are allowed to
  access the site.
  Normally I would just log users in by querying the database,
  setting a session variable, and then using application.cfm to check
  to make sure the users is logged in. However, in this particualr
  site, most of the files are made up of .htm files which do not get
  processed by the ColdFusion application.cfm tag.
  Several posts indicated that I would need to disable
  anonymous access within IIS and then create the individual user
  accounts within Administrative Tools > Computer Management >
  Users and Groups. However, in this case, I don't want to create
  thousands of new users within windows.
  Is there a way for me to password protect all files within a
  directory while still using the accounts set up in my MSSQL
  database for authentication?
  Thanks,
  David Levin

  > Several posts indicated that I would need to disable
  anonymous access within
  > IIS and then create the individual user accounts within
  Administrative Tools >
  > Computer Management > Users and Groups. However, in
  this case, I don't want to
  > create thousands of new users within windows.
  How many users did you have in your .htaccess config? That's
  how many
  you'd need to set up in IIS. With IIS & file system
  permissions you're
  effecting the same thing you would with Apache's .htaccess
  authorisation.
  Except using GUI tools rather than text files; it's the same
  principle,
  though.
  Or... you could just install Apache and use that instead,
  sticking with the
  approach you're used to.
  Adam

• How to password protect a directory in Tomcat?

  Hi there,
  My configuration is as follows.
  Apache2 + mod_jk + Tomcat 5
  I have enabled the CGI processing servlet (org.apache.catalina.servlets.CGIServlet) in $CATALINA_HOME/conf/web.xml file. Now I can successfully run my perl CGI scripts. All my CGI scripts are located in the directory $CATALINA_HOME/webapps/mywebapp/WEB-INF/cgi/
  I want to secure these CGI scripts by password protecting the above mentioned directory.
  I've read the docs and I think configuring the conf/server.xml file along with conf/tomcat-users.xml file is the best way of doing it. Am I right?? If so, can anyone here please tell me how to proceed with this? What do I need to add to server.xml and tomcat-users.xml to password protect the afore mentioned directory?
  Thank you very much for reading. I really appreciate your response.
  Regards,
  Shashi

  Thanks for a quick reply, Tolmank! You might not be aware of how the CGI servlet shipped with Tomcat works. Here is the relevant portion of the conf/web.xml file for your reference.
  Thanks,
  Shashi
  <!-- Common Gateway Includes (CGI) processing servlet, which supports     -->
  <!-- execution of external applications that conform to the CGI spec      -->
  <!-- requirements.  Typically, this servlet is mapped to the URL pattern  -->
  <!-- "/cgi-bin/*", which means that any CGI applications that are         -->
  <!-- executed must be present within the web application.  This servlet   -->
  <!-- supports the following initialization parameters (default values     -->
  <!-- are in square brackets):                                             -->
  <servlet>                                                               
          <servlet-name>cgi</servlet-name>                                    
          <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
           <init-param>                                                        
            <param-name>debug</param-name>                                    
            <param-value>0</param-value>                                      
          </init-param>                                                       
          <init-param>                                                        
            <param-name>cgiPathPrefix</param-name>                            
            <param-value>WEB-INF/cgi</param-value>                            
          </init-param>                                                       
           <load-on-startup>5</load-on-startup>                               
  </servlet>

• Password Protecting a directory (say a htm file on a Y drive)

  Hope someone can help. I am looking to password protect a .htm file in a Y drive directory. I have downloaded some JAVA script but it doesnt seem to work on the destination file (it work on a web page but not on the htm file i want!).
  Someone mentioned a file:// protocol, ring any bells?
  Thanks

  I don't know how to do that but Java programming isn't where I would look for the answer. You do know that Java and Javascript are different languages, right?

• How do you password protect web gallery

  Iphoto is easy to protect. How do you password protect your movies in webgallery? The help menu is not very clear

  The best I can figure out is that if you post your movie to the Gallery, but do not select the option to "Show project on Web Gallery home page," the video will not show on your home page for random visitors. When the movie is done posting, you can send the direct link of your video to whomever you want by copying it from the confirmation page after the video uploads. Not perfect, but the only option I see right now.

• Can't access password protected .Mac Web Gallery

  Safari is my primary browser. I have been creating web galleries using iLife '08 and my .Mac account and then viewing them with Safari for the past month or so with no trouble. This weekend I tried creating a password protected web gallery and it won't load in Safari. The gear icon just spins forever and has timed out when I have left it alone long enough. My other web galleries continue to load just fine. Clicking on the link from within iPhoto for my password protected gallery doesn't work, typing the url into Safari doesn't work, going to my gallery index and clicking on the icon of the "locked" gallery doesn't work, etc. I can still view all of my other web galleries, but this one that I'm trying to protect just won't load.
  This actually appears to be a Safari problem. I don't get a dialog asking for User Name and Password. The url works just fine using Firefox on my Mac, and it also works on a PC running Windows XP. When using something other than Safari, I get the prompt for User Name and Password that I would expect. Upon entering that information, everything looks normal and works just fine.
  Tsk tsk Apple! Safari shouldn't be having trouble displaying protected .Mac web galleries. Sheesh!

  Just wanted to let you know that I have the EXACT SAME problem, except it is affecting my password protected iWeb site and my Gallery. I can view it from Firefox, so that is the web browser I am using now. I sent a bug report to Apple, and I also send them a request for help using e-mail, but so far I have gotten no response. Hopefully someone is working on the fix?

• Link to other published web folder from within password protected iWeb site

  I realise that you cannot password protect an iWeb site if it contains a link to an external page / file. However, I have a complex genealogy site that I had previously published to another site. I directly copied this folder to the iWeb directory alongside the folder for the protected site published from iWeb. I have tried all sorts of link URLs on the protected site page, trying to link to the genealogy index.html file. iWeb refuses to allow password protection or even point correctly to the site.
  Does anyone know how to create a suitable link to a site folder created elsewhere?

  I have a password protected site with a page that has a link to an ordinary homepage.mac.com page, with no problems. Could you provide more details on what is not working for you? Maybe putting your geneology folder in iDisk/Sites and linking to that would help?

• Publish Password Protect Calendar for Web-Browsers?

  I read the various help resources in OS 10.4.11 and online and can't seem to figure out if a calendar can be shared with password protection so that anyone using a web browser who knows the password only can access it. From what I've read, Apple says I can post the calendar to a private (presumably password protected) website, but while users can subscribe to it using iCal, they won't be able to read it with a web browser which sort of defeats sharing it privately over multiple OS platforms.
  Anybody know if there's a way to keep my online calendar private, password protected? Thanks in advance!
  Sorry If I am repeating, but I cannot seem to search the discussion forums anymore.

  Thanks for your help -- I'm not an expert by any means -- this is my first website... just wanting to put up a family website to share with friends & people I know.
  OK, the url is http://www.hickorytech.net/~rmgrazi/
  Right now I just have a blank page up that says "test website"
  My .htaccess file is located in /rmgrazi/public_html/ (yes, I put it inside the public folder in order to password protect my whole site).
  By the way I'm using TextEdit in OS X, so when I upload the original file with Fetch, it looks like htaccess.txt -- after it's uploaded (as text, not binary of course) then I simply change the name to .htaccess
  My .htaccess file includes the following:
  AuthUserFile /rmgrazi/.htpasswd
  AuthName Members Area
  AuthType Basic
  Require valid-user
  Then I uploaded the .htpasswd one level up to /rmgrazi/ like it says in .htaccess.
  The text in this file is just one line with my username:password (the password is written in code). I found a website that does this automatically. Then I just cut & paste it in apple+v
  I tried using the Terminal application in OS X panther to see if the server path needs to be longer -- I logged into my ftp.hickorytech.net and entered "pwd" -- that command is supposed to show the server path. /rmgrazi/public_html/ are the only folders I can see. "/" is as far back as it will show.
  In Fetch I can change the permissions for .htaccess and .htpasswd by clicking Get Info -- I tried all different combinations, 644, 711, etc... Maybe my permissions are set wrong?