This is what I have in httpd.conf that makes me login three times (you can tell which three, obviously =)<br><br>Alias /hobbit/ "/hobbitdir/server/www/"<br><Directory "/hobbitdir/server/www"><br>
Options Indexes FollowSymLinks Includes MultiViews<br> Order allow,deny<br> Allow from all<br> AuthUserFile /hobbitdir/server/etc/hobbitpasswd<br> AuthType Basic<br> AuthName "Hobbit Monitoring1"<br>
Require valid-user<br></Directory><br><br>ScriptAlias /hobbit-cgi/ "/hobbitdir/cgi-bin/"<br><Directory "/hobbitdir/cgi-bin"><br> AllowOverride None<br> Options ExecCGI Includes<br> Order allow,deny<br>
Allow from all<br> AuthUserFile /hobbitdir/server/etc/hobbitpasswd<br> AuthType Basic<br> AuthName "Hobbit Monitoring2"<br> Require valid-user<br></Directory><br><br>ScriptAlias /hobbit-seccgi/ "/hobbitdir/cgi-secure/"<br>
<Directory "/hobbitdir/cgi-secure"><br> AllowOverride None<br> Options ExecCGI Includes<br> Order allow,deny<br> Allow from all<br><br> AuthUserFile /hobbitdir/server/etc/hobbitpasswd<br> AuthGroupFile /hobbitdir/server/etc/hobbitgroups<br>
AuthType Basic<br> AuthName "Hobbit Monitoring3"<br> Require valid-user<br> Require group group4admin<br></Directory><br><br><br><div><span class="gmail_quote">On 3/12/08, <b class="gmail_sendername">Buchan Milne</b> <<a href="mailto:bgmilne@staff.telkomsa.net">bgmilne@staff.telkomsa.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Wednesday 12 March 2008 06:58:16 Josh Luthman wrote:<br> > I am curious to see how the crew here on the mailing list secures their<br> > Hobbit from the outside world. I need to have the WWW pages visible from<br>
> every IP but only from certain people, therefor I need to use users and<br> > passwords. Our Hobbitmon is viewed via cell phones and computers (IE and<br> > Firefox) and protected by an HTTP(S) login currently. The problem is that<br>
> with three different Directory statements in httpd.conf, you need to login<br> > three times every time you restart Firefox.<br> ><br> > Also, how many businesses have Hobbitmon wide open for the viewing, such as<br>
> Henrik's demo, if any?<br> <br> <br> <br>We run ours requiring authentication of a valid user in our LDAP directory for<br> any access to Hobbit at all, and membership of the monitoring group in LDAP<br> for access to the /hobbit-seccgi location. This allows to (besides reduce<br>
user management overhead) have password expiration, lockout, etc. etc.<br> <br> If you use the same authentication source in all the directory statements,<br> users should not have to authenticate more than once (we don't). Even if you<br>
do authorization only on /hobbit-seccgi.<br> <br> This is really more of an Apache thing than anything else ... but you may want<br> to post the authentication aspects of your apache configuration for Hobbit if<br> you need more assistance.<br>
<br> Regards,<br> <br>Buchan<br> </blockquote></div><br><br clear="all"><br>-- <br>Josh Luthman<br>Office: 937-552-2340<br>Direct: 937-552-2343<br>1100 Wayne St<br>Suite 1337<br>Troy, OH 45373<br><br>Those who don't understand UNIX are condemned to reinvent it, poorly.<br>
--- Henry Spencer