|It is a great idea and it is working nicely. But there is some problem which i want to share with you. It prompts for User Name / Password to access each page/section, e.g. i want to access a page of hmtl having 4 sections, it asks me 4 times for pwd. How can i control it?
What i did is as under:
1- I am using Apache 2 at Windows with GSDL 2.71
2- I created a .htaccess file with the following code:
AuthUserFile /gsdl/collect/docs/.htpasswd [Should i give the physical path here
e.g. C:Program FilesGreenstone....etc?]
AuthName "AHKRC Digital Library"
<Limit GET POST>
3- After that I made .htpasswd file at same path /gsdl/collect/docs/ with the following command:
D:Greenstone271collectdocs>htpasswd -cmdps .htpasswd ata
New password: **********
Re-type new password: **********
Adding password for user ata
4- Then I added the following code in my httpd.conf
file of Apache
Alias /gsdl "D:/Greenstone271"
Options Indexes MultiViews FollowSymLinks
Allow from all
Is it correct or I am making some mistake?
On 4/18/07, Arthur R. Belanger
The .htaccess and .htpasswd files are part of the webserver, not
greenstone. The .htaccess file is a text file placed in the directory
you want to protect. It protects that directory as well as all the
subdirectories beneath it. In your case, where you want to protect the
files in the assoc directory, put the file in the directory pointed to
by http://[IP]/gsdl/collect/abc/index/assoc, for example
/usr/local/gsdl/collect/abc/index/assoc. Here is a sample .htaccess file:
<Limit GET POST>
This file assumes that you create the .htpasswd file in
xyz can be anything you want.
The .htpasswd file is created with the htpasswd command.
If you are usinf Linux/Unix, you can get the syntax of the htpasswd
command by typing htpasswd at the command prompt or get a fuller
explanation by typing man htpasswd.
For this to work, you must have AllowOverride AuthConfig specified in
the Alias /gsdl section of your webserver configuration file, httpd.conf.
The other downside to this approach in adition to creating and
maintaining the .htpasswd file, is that all users will be presented with
this username/password request when they request a document form the
assoc directory, even those who have already authenticated through the
Greenstone authentication system, though this will only happen once per
web browser session. This is not an ideal situation but it does work.
I hope this is clear enough and helpful.
Ata ur Rehman wrote:
> Dear *Arthur R. Belanger / All
> *Thanks for response. I dont know about .htaccess and .htpasswd files.
> These files are the part of Apache Server or GSDL? What will be the
> syntax of these files and in which directory i have to create these files?
> I have four type of collections in my digital library. Three are open
> for everybody and only one collection is username/pswd protected
> On 4/17/07, *Arthur R. Belanger* <
> <mailto:firstname.lastname@example.org>> wrote:
> The Greenstone authentication system only restricts access through the
> Greenstone software. The link to any particular file dows not go
> through the GS software but is a standard url although it does point to
> a location within the greenstone tree. The way I would resolve this
> kind of problem is to create a .htaccess and .htpasswd file pair in the
> assoc directory. This should allow you to restrict access to users in
> the .htpasswd file. You would have to create this file with the same
> usernames and passwords that you used in your auth_group xyz. This
> should work if you are using the Apache webserver and perhaps others
> though I do not have experience with them.
> Ata ur Rehman wrote:
> > Dear All
> > I would like to draw you attention to a very serious issue that i am
> > facing now a days. I have a collection (say abc). I have made this
> > collection password protected. When a user click on the link of
> > collection, he has to provide username and password which i have
> > defined at Admin page of my Digital Library. Now the problem starts
> > when some of my users send a link of some PDF file to another
> user like
> > It must ask for username/password to access this document, but
> this link
> > opens without authentication.
> > Is it some bug or I am doing something wrong?
> > Please guide me
> > Note: I have made my collection password protected by adding the
> > following lines in my collect.cfg file
> > authenticate collection
> > auth_group xyz
> > Regards,
> > Ata ur Rehman,
> > Librarian,
> > Akhter Hameed Khan Resource Center (AHKRC),
> > NRSP-Institute of Rural Management,
> > F-6/4, Islamabad
> > Ph: +92 51 2822752
> > +92 51 2822792
> > http://www.ahkrc.net.pk <http://www.ahkrc.net.pk
> > _______________________________________________
> > greenstone-users mailing list
> > email@example.com
> > https://list.scms.waikato.ac.nz/mailman/listinfo/greenstone-users
> Arthur Belanger
> Medical Library System Manager
> Academic Media & Technology
> Yale University
> 100 Church Street South, Suite 107
> Mailcode 138
> New Haven, CT 06519
> (203) 785-6928
> (203) 737-2859, fax
> mailto:Arthur.Belanger@Yale.Edu <mailto:
Medical Library System Manager
Academic Media & Technology
100 Church Street South, Suite 107
New Haven, CT 06519
(203) 737-2859, fax