From 732f6686bc94151591f7bae3401aac095076068e Mon Sep 17 00:00:00 2001 From: Roland Stigge Date: Thu, 11 Jan 2018 21:36:51 +0100 Subject: Prepared login page (WIP) --- debian/README.Debian | 23 +++++------------------ 1 file changed, 5 insertions(+), 18 deletions(-) (limited to 'debian') diff --git a/debian/README.Debian b/debian/README.Debian index 413b4e7..312d00c 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -65,12 +65,12 @@ WEBBOX_READONLY On|Off Authentication -------------- -There is currently no separate authentication implemented in webbox. -Instead, the web browser's authentication can be used, e.g. +Webbox internally uses HTTP Auth for Authentication. E.g., Apache can +be configured like this: - # ... + ... AuthType Basic AuthName "Webbox" @@ -78,19 +78,12 @@ Instead, the web browser's authentication can be used, e.g. Require valid-user - - AuthType Basic - AuthName "Webbox" - AuthUserFile "/etc/apache2/sites-available/mysite.htpasswd" - Require valid-user - - Add a login/password pair to the password file: # htpasswd -c /etc/apache2/sites-available/mysite.htpasswd username -Remember to secure both the static web server path and the fastcgi application -paths in the browser, i.e. /usr/lib/webbox and /var/www/webbox +Only the FastCGI application needs to secured. The static pages in +/var/www/webbox should be accessible to the user for login purposes. Example configuration for Apache @@ -102,12 +95,6 @@ VirtualHost configuration: # Define the URL of the webbox served by the Apache server: # http:///testbox Alias /testbox /var/www/webbox - - AuthType Basic - AuthName "Webbox" - AuthUserFile "/etc/apache2/sites-available/mysite.htpasswd" - Require valid-user - # Actual location of files to be served FcgidInitialEnv WEBBOX_PATH /home/testbox -- cgit v1.2.3