[plug] Validating a user/passwd
Matt Kemner
zombie at networx.net.au
Tue Oct 5 12:49:42 WST 1999
On Tue, 5 Oct 1999, Paul Baumgarten wrote:
> I am setting up an CGI web page which will produce certain information for
> the user after they have validated themselves and I want to validate based
> on their login passwords.
If you're running apache (or similar) you can do that easily with htpasswd
See section G of the apache FAQ (http://www.apache.org/docs/misc/FAQ.html)
and the apacheweek article at http://www.apacheweek.com/features/userauth
Make sure you read FAQ question G7, about why it's a bad idea to use
actual login passwords (such as those in /etc/passwd|/etc/shadow) for
apache authentication.
http://www.apache.org/docs/misc/FAQ.html#passwdauth
"If you still want to do this in light of the above disadvantages, the
method is left as an exercise for the reader. It'll void your Apache
warranty, though, and you'll lose all accumulated UNIX guru points."
- Matt
More information about the plug
mailing list