|
Home > Archive > WebSphere HTTP Server > January 2004 > Password Protected Website ...
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Password Protected Website ...
|
|
| Dave Atkerson 2004-01-19, 8:21 am |
| Anyone who can assist me with the setup of a password protected area of an
Intranet site would be greatly appreciated.
We have 5 sites up and running with no problem, however, this is the first
attempt to use a password secured area. I was able to get the basic security
to require a user ID + Password which is verified by the default As/400 user
profiles, but now they want me to lock it down to just a few persons only,
not all the system users. I found some documents on the IBM website but each
step in the configuration process refers to another prior step. I have been
chasing my tail for 3 days now and still can't figure out how to get the
thing to use the AUTH_LIST or some other form of specific user verification.
Any ideas or a point in the right direction would be appreciated.
Regards,
| |
| jjfall@us.ibm.com 2004-01-19, 8:21 am |
| You'll need to decide if you want to continue to have your users validate
with OS/400 profiles. Your other choices are internet usres in OS/400
validation lists (you can set these up by choosing "Internet Users and
Group" on the HTTP ADMIN GUI) or user lists stored on an LDAP server. The
latter two methods allow you to set up Web site authentication without
requiring OS/400 profiles for all of your users.
If you want to continue to have your users authenticate using OS/400 user
profiles, then simply adding a Require directive and listing those users
you want to to grant access may be all you need. Note you can do this for
your entire Web site, or for only specific portions of it (depending on
which <directory> or <location> containers you put the directives in):
AuthType Basic
AuthName "Restricted Directory"
PasswdFile %%SYSTEM%%
Require user anne bob carol don (As opposed to "Require valid-user", which means any user that can
authenticate by supplying OS/400 userid/pwd is allowed access)
If it becomes difficult to maintain your user list on the require
directive(s), you can start doing things with group files. Group files
can be nested within other group files, making it easier to provide
different levels of access to different sets of users.
AuthType Basic
AuthName "Restricted Directory"
PasswdFile %%SYSTEM%%
GroupFile /web/groups
Require group admin
AuthType Basic
AuthName "Non-Restricted Directory"
PasswdFile %%SYSTEM%%
GroupFile /web/groups
Require group anyoldjoe
http://publib.boulder.ibm.com/iseri...dprotection.htm
|
|
|
|
|