cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
Next step: %IGStepNextText%
Up: Enable authentication of users (if desired)

Installing Foswiki: Configuring Apache Login

With Apache Login enabled, when Foswiki needs to authenticate the user, the standard HTTP authentication mechanism is used: the browser itself will prompt for a user name and password.

Note: Apache Login is required for Apache-based login methods such as mod_ldap.

To setup Apache Login, perform the following steps:

  1. Configure Apache Login. Under the Security Settings pane of the configure page:
    1. Select Foswiki::LoginManager::ApacheLogin for {LoginManager}.
    2. Select Foswiki::Users::HtPasswdUser for {PasswordManager}.
    3. Select Foswiki::Users::TopicUserMapping for {UserMappingManager}.
    4. Set {Htpasswd}{Encoding} to sha1.
    5. Save your settings.
    6. Configure your Apache settings for HTTP authentication. Use the Foswiki:Support.ApacheConfigGenerator tool to set the following Apache directives on the bin scripts:
            <FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
            require valid-user
            </FilesMatch>
      You can also refer to the sample foswiki_httpd_conf.txt file to see how the appropriate Apache directives are specified.
  2. Verify that registration works. Register yourself using the System.UserRegistration topic in your Foswiki installation.
    Check that the password manager recognizes the new user by verifying that a new line is added to the foswiki/data/.htpassswd file, with the username and encrypted password. If the user and password information was not added, you probably got a path wrong, or the directory permissions on foswiki/data or foswiki/data/.htpasswd may not be set to allow the web server user to modify the file.
  3. Check that authentication works. Edit a topic by clicking on the Edit link at the top or bottom of a topic. If you have been authenticated, then you will see the edit page; otherwise, you will see an error message.

Next step: %IGStepNextText%
Up: Enable authentication of users (if desired)

Topic revision: r1 - 18 Jan 2010, IsaacLin - This page was cached on 21 Mar 2018 - 21:07.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License