Sunday 31 May 2009

Digest authentication with Apache

This article is in continuation with previous and talks about setting up digest authentication with Apache.

There are few changes compared to the steps for Basic authentication.

1. Generating the password file for digest auth.

htdigest -c digest.txt secret prash

digest.txt is the password file, secret - the realm and prash is the username.

2. Create htaccess.acl under c:\wamp\www\digest-auth\ with following data

AuthUserFile C:\wamp\bin\apache\Apache2.2.11\bin\digest.txt
AuthName "Protected by Digest auth"
AuthType Digest
AuthDigestProvider file

<Limit GET POST>
require valid-user
</Limit>

‘AuthDigestProvider file’ is an additional property that needs to be mentioned for proper working of digest authentication.

3. And, last but not the least. Enable auth_digest_module by un-commenting the following line if its already commented in httpd.conf.

LoadModule auth_digest_module modules/mod_auth_digest.so

Reference : http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html

Setting up HTTP Basic authentication with Apache

Last week, I had a chance to setup our test Apache server for Basic and Digest authentication. The setup was required to verify few of the HTTP authentication related test cases.

I’m blogging it here so that I’ll not forget, if I need it again :)

I had WAMP Server v2.0  which included Apache v2.2.11 web server.

Setting up Basic authentication was straight forward.

1. Update http.conf by adding :

AccessFileName htaccess.acl .htaccess

An htaccess file can be used to modify the Apache configuration on a per-directory basis.

On some operating systems ‘htaccess.acl’ is not required. Ex, on Linux, you can just mention it as .htaccess. This is because, on Linux you can create a file with name .htaccess.

2. Add “Directory” tag into http.conf as shown below :

<Directory "c:/wamp/www/basic-auth/">
    Options None
    AllowOverride all
    Order Deny,Allow
</Directory>

c:/wamp/www/basic-auth/ is the folder which needs to be secured by the authentication scheme which we are trying to impose.

3. Next step is to create password file.

cd C:\wamp\bin\apache\Apache2.2.11\bin
htpasswd -c pwd.txt prash

This prompts for the password for the username – ‘prash’. After supplying the password we will be ready with the password file – ‘pwd.txt’ under ‘C:\wamp\bin\apache\Apache2.2.11\bin’.

4. Create the htaccess file - ‘htaccess.acl’ file with the following data.

AuthUserFile C:\wamp\bin\apache\Apache2.2.11\bin\pwd.txt
AuthName "Protected"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

This specifies which password file need to be considered for the authentication – ‘C:/wamp/bin/apache/Apache2.2.11/bin/pwd.txt’ also the type of authentication scheme – Basic.

Place this file under the folder ‘c:/wamp/www/basic-auth/’ along with other live data and restart the server.

Now, try accessing the folder http://localhost/basic-auth. This should prompt for username and password.

Reference : http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html

Saturday 2 May 2009

Making my blog 'Mobile Friendly'

Being part of mobile software industry and that too working for S60 Browser research team, I desperately wanted to make my blog mobile friendly.


Unfortunately Blogger, where this blog is hosted lacks this service. This would be a very nice and really useful feature.
Wordpress seems to offer this already - http://wordpressmobile.mobi/.

After I did some googling I came across MoFuse. Mofuse provides feeds based solution to convert your blogs to mobile readable version.

Setting up a mobilized version with MoFuse was pretty straight forward, I just registered for a new mobilized blog URL - http://prashtech.mofuse.mobi which internally points to my blogs' RSS feeds.

That's it. If any of you visiting my blog from your mobile, try the mobilized version of my Blog!