[freeside] Authorization Question

Dana Hudes dhudes at hudes.org
Sun Sep 30 09:35:43 PDT 2001 

OK, I see your utter confusion.
Freeside demands that first you authenticate to apache. To that end you need a .htpasswd
file (and you can also set up groups if you wanted, all the Apache auth stuff).
mapsecrets is *not* an Apache UserAuthFile
its for Freeside, not apache. Its none of Apache's business.

N.B. you do not have to use .htpasswd as the name for AuthUserFile
its just common practice -- whatever you call it, put it in ServerRoot not DocumentRoot (or below).

----- Original Message ----- 
From: "Jason" <jbrunk at whitetec.com>
To: <ivan-freeside at sisd.com>
Sent: Sunday, September 30, 2001 12:24 PM
Subject: Re: [freeside] Authorization Question


> i understand how the .htaccess works, but what i am curious about comes from
> this page of the documentation.
> 
> http://www.sisd.com/freeside/docs/config.html
> 
> the third option down, "which maps Apache users to a file which contains DBI
> data source, username and password.  Every line in
> /usr/local/etc/freeside/mapsecrets shold contain a username and a "filename"
> seperated by whitespace"
> 
> that is what is confusing me, because i thought if i use htpassword to
> create/modify my mapsecrets file, then it would be username/password not
> username/filename  so if i create my mapsecrets file with username/password
> then where does the file with the datasource/user/pass come in?
> 
> 
> maybe that explains my confusion a little better :)  thanx for helping so
> far:)
> 
> jason
> ----- Original Message -----
> From: "Dana Hudes" <dhudes at hudes.org>
> To: <ivan-freeside at sisd.com>
> Sent: Sunday, September 30, 2001 12:00 PM
> Subject: Re: [freeside] Authorization Question
> 
> 
> > I don't know what you're thinking of but you specified "mapsecrets"
> > as the file containing your apache authorization information.
> > so feed that to htpasswd
> >
> > Please read the information on apache and access control from mod_auth and
> > htpasswd then come back with questions on what you have read.
> > To do otherwise is somewhat inconsiderate.
> >
> > On Sun, 30 Sep 2001, Jason wrote:
> >
> > > Date: Sun, 30 Sep 2001 11:56:49 -0400
> > > From: Jason <jbrunk at whitetec.com>
> > > Reply-To: ivan-freeside at sisd.com
> > > To: ivan-freeside at sisd.com
> > > Subject: Re: [freeside] Authorization Question
> > >
> > > is the rest of my configuration correct though?
> > >
> > > when i create the authuserfile, do i add it into my .htaccess file?  how
> does apache know to use the mapsecrets?
> > >
> > > jason
> > >
> > >     in my .htaccess file i have the following.
> > >
> > >     AuthName "restricted stuff"
> > >     AuthType Basic
> > >     AuthUserFile /usr/local/etc/freeside/mapsecrets
> > >     require valid-user
> > >
> > >     then in my mapsecrets i have
> > >
> > >     admin sec_admin
> > >
> > >     where admin is the user and sec_admin is the secrets file
> > >
> > >     then in my sec_admin file i have
> > >
> > >     DBI:mysql:freeside
> > >     freeside
> > >     free1
> > >
> > >
> > >     where the first line is my connection string
> > >     second is my dbusername
> > >     third is dbpassword
> > >
> > >     so i guess what i am askig is, where do i assign the password for
> the account admin?  do i have something messed up?
> > >
> > >     jason
> > >
> > >
> >
> >
> >

More information about the freeside-users mailing list