=[EXTRACT]Simple Authentication and Authorization Using Apache
This is a solution I came up while using Apache 2 to proxy requests to Instiki:
Allow from all
AuthName "My Secure Wiki"
This is similar to the setup explained in.
I moved theProxy Pass? and Proxy Pass Reverse? directives into a Location directive, and included some additional configuration to enable authentication:
- Auth Name: This is the text that the browser will show up in the challenge box.
- Auth Type?: Can be Basic or Digest. I’m using the Basic scheme, which sends clear text passwords.
- Require : This configuration allows any valid user to access the Location.
- Auth User File?: The file path of the user/password database. This file is generated using the utility and only works for Basic authentication. The user/password database should be located in a non-browsable directory.
Remember that with Basic authentication the passwords are send in clear text between the browser and the server. You should consider using SSL to protect them.