linux poison RSS
linux poison Email

Apache authentication using pam

1) Download the mod_auth_pam module : here

2) Installing mod_auth_pam

# tar xzf mod_auth_pam.tar.gz
# cd mod_auth_pam-1.0a
# make
# make install

3) Configure PAM

Here’s what the /etc/pam.d/httpd looks like

auth required
auth required
account required

4) Configuring Apache

Now that PAM is configured to authenticate apache’s requests, we’ll configure apache to properly utilize PAM authentication to restrict access to a specific directory. To do so, add the following lines to your httpd.conf (usually stored in /etc/apache/ or /etc/httpd):

AuthPAM_Enabled on
AllowOverride None
AuthName “Secrets”
AuthType “basic”

5) Restart the apache to put configuration to effect


Unknown said...

Why do you list "auth required" twice?

You have also forgotten to show the "required" line (eg: "required group users" or "require valid-user" or something)

Anonymous said...

Is PAM compatible with the OS user system, can I use PAM to develop an app that use the OS user db to login? Something like a web secure shell?

Post a Comment

Related Posts with Thumbnails