We don't have ours open (in fact very we keep access as limited in
scope as is necessary; in our environment we can so we do - thank
goodness for socks5 and ssh), but a little time testing yields answers
for the auth question.
Set the same realm (AuthName directive) and password auth file(s)
(AuthUserFile and optionally AuthGroupFile if using groups -
recommended for multiple users so you can give everyone their own
accounts, manage them simply via group management, and safely revoke
access when needed) in all three locations. That will do the trick
(Tested via Firefox, Opera, and Epiphany). Even setting the same
password file(s) should be sufficient most of the time. I even can
create the same user/pass credentials in separate password files and
login only once to access all three locations.
Ben
On Tue, Mar 11, 2008 at 9:58 PM, Josh Luthman
<user-4c45a83f15cb@xymon.invalid> wrote:
I am curious to see how the crew here on the mailing list secures their
Hobbit from the outside world. I need to have the WWW pages visible from
every IP but only from certain people, therefor I need to use users and
passwords. Our Hobbitmon is viewed via cell phones and computers (IE and
Firefox) and protected by an HTTP(S) login currently. The problem is that
with three different Directory statements in httpd.conf, you need to login
three times every time you restart Firefox.
Also, how many businesses have Hobbitmon wide open for the viewing, such as
Henrik's demo, if any?
--
Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX
Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer