From 3f1cbf37eddf125ef6fa85bb896a5b2d9b8e267d Mon Sep 17 00:00:00 2001 From: Marcin Haba Date: Wed, 12 Aug 2015 20:28:50 +0200 Subject: [PATCH] baculum: Tweak INSTALL and README files --- gui/baculum/INSTALL | 26 ++++++++++++++------- gui/baculum/README | 56 ++++++++++++--------------------------------- 2 files changed, 32 insertions(+), 50 deletions(-) diff --git a/gui/baculum/INSTALL b/gui/baculum/INSTALL index aa26a87ad4..4e16c34c88 100644 --- a/gui/baculum/INSTALL +++ b/gui/baculum/INSTALL @@ -155,27 +155,37 @@ informed about this fact. First there is need to configure authentication to Baculum from web server side. -Baculum supports HTTP Basic authentication from web server. +Baculum supports HTTP Basic authentication from web server with passwords stored +in file: + +./protected/Data/baculum.users + +NOTE! +There is possible to use another location than: + ./protected/Data/baculum.users +however then is required provide the same auth data in Baculum initial wizard. In Apache web server this authentication method may be realizing by next directives declaration in Apache configuration file: AuthType Basic -AuthUserFile /etc/apache2/passwords +AuthUserFile /var/www/baculum/protected/Data/baculum.users Require valid-user -File located in /etc/apache2/passwords is an example file which contains users and -passwords. For generating passwords file you may use htpasswd binary file in next -way: +For creating passwords file you may use htpasswd binary file in next way: -# htpasswd -c /etc/apache2/passwords someuser +# htpasswd -c /var/www/baculum/protected/Data/baculum.users someuser You will be asked about inputing password and retype password for user. NOTE! "-c" switcher you should use only for new created passwords file. For existing -passwords file "-c" switcher should not be inputed. +passwords file "-c" switcher should not be provided. + +At the end there is need to give web server user possibility to manage the auth file: +For example: +chown www-data:www-data /var/www/baculum/protected/Data/baculum.users 5. Example configuration VirtualHost @@ -187,7 +197,7 @@ passwords file "-c" switcher should not be inputed. AllowOverride All AuthType Basic AuthName MyPrivateFile - AuthUserFile /etc/apache2/passwords + AuthUserFile /var/www/baculum/protected/Data/baculum.users Require valid-user diff --git a/gui/baculum/README b/gui/baculum/README index eacbd4b11e..0d3512f032 100644 --- a/gui/baculum/README +++ b/gui/baculum/README @@ -146,58 +146,30 @@ function for all users except administrator. ================================================================================ -=== 2. Baculum users configuration file for Lighttpd === +=== 2. Baculum users configuration file === There is possible to manage Baculum administrator login and password directly in configuration wizard step titled "Step 5 - authorization params to Baculum". -It means that Baculum administrator may change administrator auth params by +It means that Baculum administrator may change admin auth params by configuration wizard. -So far in Step 5 configuration wizard there were need to input admin auth params -the same as in pre-defined file by "htpasswd" program. +---------------- NOTE --------------- +In older Baculum versions (before 7.0.5) in Step 5 configuration wizard there were +need to input admin auth params the same as in pre-defined file by "htpasswd" +program. -For getting possibility to change admin login and password on wizard level -there is need to run Baculum on Lighttpd web server and create admin password -file locatied in: +In version 7.0.5 has been introduced partial support for possibility changing +username and password from Baculum interface working on Lighttpd web server. -protected/Data/baculum.users +From version 7.2.0 this limitation has been abolished. As long as Web Server uses +HTTP Basic auth file located in: -where syntax is: - -someuser:somepassword -myser123:password3213 -...etc. - - -NOTE! -Login and password are stored as plain text. - -Next in Lighttpd web server configuration file is need to define above file -as authfile for access to Baculum, for example: - -auth.backend = "plain" -auth.backend.plain.userfile = "/var/www/baculum/protected/Data/baculum.users" -auth.require = ( "/" => ( - "method" => "basic", - "realm" => "Baculum Auth", - "require" => "valid-user" -)) - - -Sample with whole Lighttpd configuration file you can find in directory: - -examples/baculum.lighttpd.conf - -NOTE! -Due to Apache web server can use plain text password only for Windows, -BEOS and Netware systems, described admin auth modification is not supported -for Apache. - -NOTE! -Functionality has been tested with Lighttpd. It has not been tested with other -web servers that supports plain text stored password. +./protected/Data/baculum.users +and Web Server is capable to write (write permission) to this passwords file as +long is possible to change username and password from Baculum interface level. +------------ NOTE END ------------- ================================================================================ -- 2.39.5