Applies To:
[ Zend Core V2.x ]
[ IBM System i ]
Overview
This is the main Apache Server Configuration file, It contains the configuration directives that give the server its instructions (powered by Apache)..
The PASE apache server for IBM System i includes a rich collection of enhancements and features for a secure connection and a rich set of security features and services that pertain to the goals of authentication, authorization, integrity, confidentiality, and auditing.
- Authentication is the process by which you verify a user's identity through some sort of credentials. (userid/password, DCM, Voice recognition, fingerprinting etc.).
- Authorization is any process by which someone is allowed to be where they want to go, or to have information that they want to have.
- Access Control is a set of policies that define who can access your data, and resources, what kind of authority granted and actions allowed to perform.
- htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users. If htpasswd cannot access a file, such as not being able to write to the output file or not being able to read the file in order to update it, it returns an error status and makes no changes.
Instructions
Protecting PASE apache content with basic authentication
There are two configuration steps which you must complete in order to protect a resource using basic apache PASE authentication, grouping alike users depending on what you are trying to do.
- Create a password file From an i5/OS command line:
- Set the PASE apache configuration to use this password file:
- WRKLNK /usr/local/zend/apache2/conf
- Identify the PASE apache directive
3.Optionally, create a Group File From an i5 command line:
- EDTF STMF('/mydir/mygroupfile')
- File structure - GroupName: userid1 userid2 userid3
Result
You have information on your web site that is sensitive or intended for only a small group of people, the techniques in this article will help you make sure that only users with proper credentials will have access to the information.
Excerpt: Apache - PASE Authentication, Authorization and Access Control
Original Post Date: 2009-10-23 14:09:15
External Links: http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp
http://www-03.ibm.com/servers/enable/site/porting/iseries/pase/misc.html
Alternative Description:
Apache - PASE Authentication, Authorization and Access Control