背景:使用lighttpd作为远程调用的服务端,显然需要安全机制
Step1) 修改lighttpd.conf
打开mod_auth
server.modules += ( "mod_auth" )
另外修改:
auth.debug = 2
auth.backend = "plain"
auth.backend.plain.userfile = "/etc/lighttpd/.lighttpdpassword"
注意:
- auth.debug = 2 : Specify debug level (0 turns off debug message, 1 for authentication ok message and 2 for detailed/verbose debugging message). This is useful for troubleshooting authentication problem. It logs message in access.log and error.log files
- auth.backend = “plain” : You are using plain text backend (other options are ldap, htpasswd and others)
- auth.backend.plain.userfile = “/etc/lighttpd/.lighttpdpassword” : Filename of the username:password storage
再添加以下红色的部分
$HTTP["host"] == "theos.in" {
…………………….
server.document-root = "/home/lighttpd/theos.in/http"
server.errorlog = "/var/log/lighttpd/theos.in/error.log"
accesslog.filename = "/var/log/lighttpd/theos.in/access.log"
auth.require = ( "/docs/" =>
(
"method" => "basic",
"realm" => "Password protected area",
"require" => "user=vivek"
)
)
……………...
}
注意:
- auth.require = ( “/docs/” => : Directory name
- “method” => “basic”, : Authentication type
- “realm” => “Password protected area”, : Password realm/message
- “require” => “user=vivek” : Only user vivek can use /docs/
Step 2)
产生密码文件.lighttpdpassword
# vi /etc/lighttpd/.lighttpdpassword
添加用户名密码
vivek:mysecretepassword
注意:
- vivek - is the name of a user. Please note that do not use a system user stored in /etc/passwd file. It is recommended that you use a different username that only exists for the purpose of authenticating password protected directories.
- mysecretepassword - is the password for user vivek (must be in clear text format for plain text method)
扫一扫
391
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
