In Sun WebServer 1.0, the realm
directive had little significance other than as an identifier for the browser (printed in the authentication dialog box). In Sun WebServer 2.1, the realm specifies a pre-existing set of users and groups used for authenticating access to a URL. Realm information is stored in the realms.conf file. HTPASSWD
realms have a directory associated with them as well (defined in realm.conf) which contains the "users" and "groups" files to be used in the authentication. The password_file
and group_file
directives in Sun WebServer 1.0 ACLs are therefore obsolete. All 1.0 realms will be HTPASSWD
realms in
2.1 since these user-created databases were the only source available in 1.0.
Given the following Sun WebServer 1.0 access control in /etc/http/access.acl for host widgets:
url /reports { realm Managers authentication_type basic password_file /usr/auth/Managers/Maners_users group_file /usr/auth/Managers/Managers_groups + group report_managers - user Joe } |
Create a realm to hold the password and group file. This can be done as follows:
# htrealm add -i server1 -h widgets -r Managers -s HTPASSWD |
This command will add the following entry to the realms.conf for the site widgets:
realm Managers { realm_source HTPASSWD } |
It also creates the following directory at the site widgets:
/var/http/server1/websites/widgets/conf/realms/Managers/ |
Copy the users and groups file into the Managers directory:
# cp /usr/auth/Managers/Managers_users \ /var/http/server1/websites/widgets/conf/realms/Managers/users # cp /usr/auth/Managers/Managers_groups \ /var/http/server1/websites/widgets/conf/realms/Managers/groups |
Remove the file directives from the Sun WebServer 1.0 ACL and place the new ACL in the Sun WebServer 2.1 ACL file: /var/http/server1/websites/widgets/conf/access.conf:
url /reports { realm Managers authentication_type basic + group report_managers - user Joe } |