NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | FILES | SEE ALSO | NOTES
htaccess adds or deletes access control lists (ACLs) for resources on a web site. An ACL applies to any token that can be a Uniform Resource Identifier (URI) on that site, whether that URI is a directory, file, servlet, CGI, or alias to another resource.
ACLs can restrict access by the host name or IP address of a client, or by authenticated user or group name. Users are authenticated against a named realm (see htrealm(1m)), which defines whether passwords are stored in a Sun WebServer specific file (HTPASSWD), the operating system (UNIXSYS), in the SolarisTM for ISPsTM environment, an LDAP directory of ISP subscribers (ISP), or in the Management Console for Solaris for ISPs (ISPADMIN).
The list subcommand can be used to list the current ACLs on a URI.
The check subcommand can be used to check whether a user name and password can access a URI.
Subcommands
The following subcommands are supported:
Adds a new ACL or permission to an existing ACL.
Checks if the specified access is allowed.
Deletes an ACL or permission to an existing ACL.
Displays help on usage.
Lists all ACLs and their permissions for a given URL or specified host.
Displays the version of htaccess.
Options
The following options are supported:
Specifies that the user or group is the administrator. Valid with the add and delete subcommands.
Specifies the group in the realms to which the permissions apply. A group is a group of users defined in the realm. Use the wild card \* to indicate that the permission applies to any group_name. Valid with the add, delete, and check subcommands.
Specifies the name of the virtual host containing the ACL. Valid with all subcommands.
Specifies the IP or domain to which the permissions apply. Internet_host can be a fully qualified or partial domain name. If the domain name is partial, the permission applies to all hosts whose fully qualified names end with the domain. It can also be a fully qualified or partial IP address. If the IP address is partial, the permission applies to all hosts whose IP address begins with the Internet_host. Use the wild card \* to indicate that the permission applies to any Internet_host. Valid with the add, delete, and check subcommands.
Specifies the name of the httpd instance. Valid with all subcommands.
Specifies the HTTP method name to which the permissions apply. The method_names directive is a list of ALL, DELETE, GET, POST, and PUT. Select ALL to permit all HTTP methods. Separate multiple methods with a space. The default is ALL. Valid with the add, delete, and check subcommands.
Denies access permission to the named user, group, or host. Valid with the add and delete subcommands.
Turns off prompting of password such that passwords are taken in from stdin and scripts may pipe (|) passwords. Valid with all subcommands.
Specifies the realm name. Valid with the add subcommand.
Specifies authentication scheme. Valid with the add subcommand.
The server expects user name and password information in base64 encoded text.
The server expects user name and a message digest of the password. The server must get the password in base64 encoded text locally, create a message digest, and compare it to the digest sent by the client. Valid only with htpasswd.
The server does not expect any authentication.
Specifies URI name protected by the ACL. Valid with all subcommands.
Specifies the user name to which the permission applies. A user is any user with a user name for which Sun WebServer retrieves the password from the realm name specified in the ACL. Use the wild card \* to indicate that the permission applies to any user. Valid with the add, check, and delete subcommands.
Specifies the verbose mode. Valid with all subcommands.
Allows the named user, group, or host to access the URI. Valid with the add and delete subcommands.
Specifies the name of the administrator. Valid with the add, check, and delete subcommands.
To protect the URL http://www.A.com/project/ on the server instance "sws_server" using an HTPASSWD realm "Project" with user "user1":
# htrealm add -i sws_server -h www.A.com -r Project \\ -s HTPASSWD -d realms/Project # htrealm add -i sws_server -h www.A.com -r Project -u user1 Setting password for the user user1. Password: Confirm Password: # htaccess add -i sws_server -h www.A.com -U "/project" \\ -r Project -s BASIC -m GET -u '*' -y
To delegate access control management to the user webmaster in the realm WebUsers:
# htaccess add -i sws_server -h www.A.com -U / -r WebUsers -s MD5 -a \\ -u webmaster
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | SUNWhttp |
Interface Stability | Evolving |
The following files are used by this utility:
A web site's access control lists configuration file.
The server administration access control lists configuration file.
Defines the realms used to define users for web site access control lists.
Defines the realms used to define users for server administration.
If the command is run by root
user, then the username and password of an administrator are not required.
Users other than root
must use the -z option and pass the user name and password of a valid administrator to the command.
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | FILES | SEE ALSO | NOTES