Password-protect access to an application with Apache
To configure Apache to request a username and password when accessing your application, follow these steps:
At the console, type the following commands. Remember to replace APPNAME, USERNAME and PASSWORD with your application name, desired username and desired password respectively.
$ cd installdir $ apache2/bin/htpasswd -cb apache2/APPNAME_users USERNAME PASSWORD
Edit the installdir/apps/APPNAME/conf/httpd-app.conf file and add the following lines. In addition, find the line containing Require all granted line and comment it by placing a hash (#) symbol before it, as shown below:
<Directory "installdir/apps/APPNAME/htdocs"> ... AuthType Basic AuthName MyAuthName AuthUserFile "installdir/apache2/APPNAME_users" Require valid-user ... <IfVersion >= 2.3> # Require all granted </IfVersion> ... </Directory>
If your application has a proxy, add the following lines at the end of installdir/apps/APPNAME/conf/httpd-app.conf file:
<Location /> AuthType Basic AuthName "Authentication required" Require valid-user </Location>
Restart the Apache server:
$ sudo installdir/ctlscript.sh restart apache
When accessing the application, you will see the following authentication popup window. Enter the username and password that you have defined in the first step:
To change the password later, run the htpasswd utility without the -c switch and replace the USERNAME placeholder with the username of the account you wish to modify:
$ sudo installdir/apache2/bin/htpasswd installdir/apache2/APPNAME_users USERNAME
To add another user to the same file, run the htpasswd utility without the -c switch and replace the USERNAME and PASSWORD placeholders with the new username and password you wish to add.
$ sudo installdir/apache/bin/htpasswd -b installdir/apache/APPNAME_users USERNAME PASSWORD