Table of Contents
I often want to restrict web access to a set of pages to a select group of people, but really do not want to deal with the hassle of assinging peopel passwords, coping with lost or changed or forgotten passwords, etc. This document describes how I set things up so that I can designate a selected group of people who will have access via their Unix login names and passwords.
The basis of this approach lies in the htaccess files supported by the Apache web servers. It's a good idea to get some basic familiarity with how this works before you read further.
Go to the directory containing the web pages that you want to
protect. In that directory ()for the sake of example, we will use
/home/zeil/secure_html/cs333
) create a file named
.htaccess
(the leading '.' makes this a "hidden" file
in Unix). The file should contain
AuthName "CS 361 (log in with your Unix account name and password)" AuthType Basic AuthUserFile /home/zeil/secure_html/cs333/.htpasswd AuthGroupFile /home/zeil/secure_html/cs333/.htgroup require group instructors ErrorDocument 401 /~zeil/401ErrorHandling/error401.html
Of course, you should change the AuthName string to be appropriate
for your course. Change the paths in the AuthUserFile
and AuthGroupFile
lines to point to the same directory
where you are putting the new .htaccess
file. Leave
the ErrorDocument
line as is.
In that same directory, create a file named
".htgroup
" with the content:
instructors: zeil dkaneko
listing the login names for the instructors and TAs (and anyone else to whom you wish to give access but who is not a registered student.)
Both files should be given Unix permissions 664.
Now use a web browser to access one of the web pages in the
protected directory. You should be prompted to log in before the page is
actually served. However, because we have not yet set up your password,
you will not be able to successfully log in. Cancel the log in attempt.
You should then be directed to the web page
401Errorhandling/error401.html
.
The "401" error is the code for a failed user authentication
(login). You were redirected to this page because the
.htaccess
file specified it as the handler for this
kind of error (triggered when you cancelled the attempted login).
Click on the "Refresh Password Info" button. You should soon be
redirected to the page you had been trying to access. This time, however,
you should be able to log in sucessfully. If you then look in your
protected directory, you will find that an .htpasswd
file has been created and populated with encrypted passwords for the
instructors.
Load the .htaccess file into an editor and go to the "require group"
line. Change this by adding, for each course section you are teaching, a
group named
"crnsemester
_callNumber
"
where semester
is the ODU code for the semester and
callNumber
is the section call number. For example,
I might have changed it to
require group instructors crn200930_32986 crn200930_32989 crn200930_32990
Now run the script
~zeil/public_html/401ErrorHandling/generateCRNgoups.pl protectedDirectory
where protectedDirectory
is the path to your
protected directory of webpages. This script will use information in the
daily enrollment files to add the registered students in each of the
indicated course sections to the .htgroup file.
You might want to run that script on a daily basis - just add it to the dailyTasks file being run by the cron command.