access control

Web AccessControl is a decentralized system for allowing different users and groups various forms of access to resources where users and groups are identified by HTTP URIs.

The system is similar to the access control system used within many file systems except that the documents controlled, the users and the groups are all identified by URIs. Users are identified by WebIDs.

The easiest way to limit access to some of your web pages if you’re running a Apache server on a Linux OS is to use the .htaccess file.

The general form of the .htaccess file looks something like this:

AuthUserFile /{path_to_htpasswd}/.htpasswd 
AuthGroupFile /dev/null 
AuthName {Label_for_this_access_group} 
AuthType Basic 
<Limit GET> 
    require user {pseudo_user_name} 
</Limit>

You will have to replace values the ‘AuthUserFile’, “AuthName’, and the name of the required user with values appropriate for your materials.

Make sure the file has the correct permissions:

chmod 0644 .htaccess

Then you will create a file .htpassswd in that directory using the ‘htpasswd’ utility, e.g.,

cd /www/Restricted 
htpasswd -c .htpasswd fall2000 
chmod 0644 .htpasswd

Htpasswd will prompt you for a password for the pseudo-user ‘fall2000’, and then will ask you to repeat it, to ensure you entered what you thought you entered (since you won’t see text while you’re entering the password).