Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Configure Group-managed Content ====== **General Information** Group managed content for collaboration. ---- ====== Lab Setup ====== The following virtual machines will be used: * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here * server2.example.com (192.168.1.151) -> Install Apache Web Server here **Previous Sections Completed** * [[linux_wiki:network_services_overview_apache_web_server|Install/Configure]] * Except leave listening on port 80/tcp * [[linux_wiki:configure_a_virtual_host|Virtual Host Config]] * [[linux_wiki:configure_access_restrictions_on_directories|Access Restrict Directory]] ---- ====== Basic Apache Directory Setup ====== Create directory to use <code bash> mkdir /data/redsite/devel-group </code> \\ Create users and a developers group that will have access to the directory to manage the content <code bash> useradd robert useradd steve groupadd developers </code> \\ Add users to the group <code bash> usermod -G developers robert usermod -G developers steve </code> \\ Set permissions of new directory <code bash> chown :developers /data/redsite/devel-group chmod 771 /data/redsite/devel-group </code> \\ Create index file <code bash> echo "Developers index file" > /data/redsite/devel-group/index.html </code> ---- ====== Group Protected Setup ====== **Help**: Available if you installed 'httpd-manual'<code bash>elinks /usr/share/httpd/manual/howto/auth.html</code> * Then follow the "Letting more than one person in" link \\ Create the groupdb file (list group members) <code bash> vim /etc/httpd/conf/groupdb developers: robert steve </code> \\ Create the user entries in the userdb password file <code bash> htpasswd /etc/httpd/conf/userdb robert htpasswd /etc/httpd/conf/userdb steve htpasswd /etc/httpd/conf/userdb monty </code> * Prompted for password each time * Give 'htpasswd' the -c argument if the userdb file does not exist to create it. * No "-c" the second time because it would overwrite the file instead of add to it. \\ Edit the vhosts.conf and add a directory auth section for the new devel-group directory <code bash> vim /etc/httpd/conf.d/vhosts.conf <VirtualHost *:80> ServerName redsite.example.com DocumentRoot /data/redsite #....SNIP....# <Directory /data/redsite/devel-group> AuthType Basic AuthName "Group Auth - Enter Credentials" AuthGroupFile "/etc/httpd/conf/groupdb" AuthUserFile "/etc/httpd/conf/userdb" Require group developers </Directory> </code> * Now only users in the userdb file AND in the "developers" group are allowed to view the content. * robert and steve should be allowed in, monty should be denied. \\ Restart httpd <code bash> systemctl restart httpd </code> \\ View group protected directory <code bash> elinks http://redsite.example.com/devel-group </code> * Prompted for username/password ---- linux_wiki/configure_group-managed_content.txt Last modified: 2019/05/25 23:50(external edit)