NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | FILES | SEE ALSO | NOTES
htpasswd is a utility used only to change passwords for users in HTPASSWD realms. It is provided as a tool that can be incorporated in CGI or other scripts to automate password maintenance.
Users must be created using htrealm(1m). Once users are created, any system user can run htpasswd to update passwords (as long as the realm administrator name and password are specified).
The following options are supported:
Specifies the name of the server instance. Valid with all subcommands.
Specifies the name of the virtual host containing the realm. Valid with all subcommands.
Turns off password prompting (for scripts). Valid with all subcommands.
Specifies the realm name. Valid with all subcommands.
Specifies a user name whose password is to be set so that the user can have permission to modify realm data. Separate multiple user names with a white space. Valid with all subcommands.
Displays verbose status messages.
Specifies the name of the administrator of the server, web site, or realm. If users omit this option, users will be prompted for the current password and then the new password. This allows users to change the password. Valid with all subcommands.
Any user can change passwords in an HTPASSWD
realm if they have the user name and password of the realm administrator. If realmadmin
is the realm administrator name, a user (or CGI script) can change the password for user1
:
% htpasswd -i sws_server -h www.A.com -r Project \\ -u user1 -z realmadmin Enter Password for realmadmin: Setting password for the user user1. Password: Confirm password:
User, for example, user1
in the WebUsers
realm, change their own passwords:
% htpasswd -h www.A.com -i sws_server -r WebUsers -u user1 Password for user user1: *** Changing password for the user user1 New Password: ***** Confirm Password: *****
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | SUNWhttp |
Interface Stability | Evolving |
The following files are used by the command-line utilities:
Defines realms of user and group information used by access control lists on a Sun WebServer web site.
In order to access the global HTPASSWD realms (/etc/http/realms/conf), omit the -i and -h flags.
This command is installed with setuid to adm
to permit end users invoking the command to have write access to the Sun WebServer configuration after performing necessary checks.
Superusers do not need to specify the -z flag, and are allowed to access any command-line utility without authentication.
If the command is run by the root
user, then the user name and password of an administrator are not required.
Users other than root
must use the -z option and pass the user name and password of a valid administrator to the command.
The server will check whether a user has been designated the realm administrator, site administrator, or server administrator (in this order), where the latter two are defined as those principals who have access to the pseudo-URI ("/sws-administration") at the site-level and global access control configuration (/etc/http/access.conf).
A server administrator has access to site administration and is able to manage site realms, ACLs, and content. However, site administrators can override this setting by delegating administrators in the administrator blocks in realms, ACLs, and content configuration.
Since the HTPASSWD users' file contains encoded passwords, it should be maintained securely.
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | FILES | SEE ALSO | NOTES