Hi, hlf-ga. Thank you for your question.
As long as everything's set up correctly, you shouldn't need to create
any PHP or Perl scripts to protect a directory - the .htaccess files
and the mod_mya module should take care of it themselves. The server
should ask the browser to prompt the visitor for a username and
password.
The first step should be to create the mysql database and tables, if
you haven't already. You can do this with the following queries (taken
from the mod_mya site):
CREATE TABLE virtual_users (
username char(32) NOT NULL,
password char(32),
PRIMARY KEY (username)
);
CREATE TABLE groups (
groupname char(32) NOT NULL,
username char(32) NOT NULL
);
(I assumed this was added to a database called 'authinfo' in the
following examples).
You can then add users to the 'virtual_users' table (or whatever you
named it).
You then need to create a '.htaccess' file in the directory you want
to protect. (Placing a .htaccess in a directory will also protect all
files and subdirectories; for example, if you created a .htaccess file
in '/foo/', any files in /foo/, such as /foo/file.txt, as well as
directories, like /foo/bar/, would need a password to be accessed).
The .htaccess file would need to contain (without the comments):
# Tell apache authentication should be done
AuthType basic
# Set the message the user should be shown
AuthName "Top Secret Stuff"
# Tell the server that any user with a valid user/pass should be let
in
require valid-user
# Turn on mya
mya On
# Replace 'virtual_users' with the name of the database the info's
stored in
mya_MySQL_Database authinfo
# Replace 'virtual_users' with the name of the table the user/pass
stuff is in
mya_MySQL_Table virtual_users
# Replace 'virtual_users' with the name of the table where the group
info lives
mya_MySQL_Group_Table groups
# Replace 'sqlusername' with the username to connect to the server
with
mya_MySQL_Username sqlusername
# Replace 'sqlusername' with the username to connect to the server
with
mya_MySQL_Password sqlpassword
# Set the kind of authentication needed - see the mod_mya webpage for
more info
mya_Authoritative On
mya_Encryption PlainText
# These are the names of the fields with the user/pass/groupname in
mya_MySQL_Username_Field username
mya_MySQL_Password_Field password
mya_MySQL_Group_Field groupname
This would allow any user with a valid username and password to access
that directory.
You can also grant only a specific group of users permission to access
a directory. To do this, you'd need to change a line in the applicable
.htaccess file. Change the line:
require valid-user
to, for example:
require group nicepeople
where 'nicepeople' is the name of the group of users you want to allow
to access that directory. To add a user to a group, you add a record
to the 'groups' table, with the username, and the name of the group
you want the user in. For example, to add the user 'foo' to the group
'nicepeople', you'd do something like this:
INSERT INTO groups (username, groupname) VALUES ('foo', 'nicepeople')
That user is now a member of the 'nicepeople' group, and should be
able to access that directory. (The user 'foo' will also need a
corresponding record in the 'virtual_users' table containing his
password).
I hope this was of use to you.
The mod_mya website can be found at:
http://www.synthemesc.com/mod_mya/
The following search may also be useful:
://www.google.com/search?q=mod_mya
If that was unclear, or you have any additional queries about this,
please feel free to request a clarification.
-- wildeeo-ga |
,
0 Comments
)