Apache > HTTP Server > Documentation > Version 2.4 > How-To / Tutorials

΄(Authentication), Ѻο(Authorization), (Access Control)

݋b _ _ Ɯ”. ٿ ~@ ݋ O[.

΄(authentication)@ _ O [b ȝ@ Ȯθ[b mƴ. Ѻο(authorization)b O ͻ@ ^ڷ nU Ȥ@ [b r nU A~[b rƴ.

Support Apache!






_ ȝh b r ] ȝ鸸 񄎓ưų Ƶ鸸@ rR, ۿ݋ [b ^@ ȝ~[ _ [b ȝ nU ] .

ۻ@ ȝh Ϻθ x[ @ ȝ ȝ~[b "F" Ҏ^@ ٷ.


⺻ e

ۿ݋ Lb Cb ݋L ּrH(^ڷ <Directory> ӛ)Ƴ 丮 rH(.htaccess H)݋ ȝ~Ѵ.

.htaccess H@ ȝ~[R HϿ b ΄ C A~[nU ݋L rؾ Ѵ. Ƹ 丮 rHϿ C ȝ~ ] b r[b AllowOverride C ȝ~Ѵ.

݋b ΄@ L V얿, ٞ @ AllowOverride C ʿ[.

AllowOverride AuthConfig

Ȥ@ C ݋L ּrHϿ bٔR, HϿ o ѓ Ѵ.

׸O x Hϓ 𘷾b ˱ ݋L 丮 䟒 ˾ƾѴ. ϻ@ ʽO, V ڼ ͓ƴ.


⺻ r[

݋L 丮 x x[b ⺻ Ҏ^@ Ѵ.

v xH@ 齁 Ѵ. Hϻ@ ݋ ] ^b ^ Ѵ. ٸȝ xH@ ٿε[ o[Ը[ ݋. 齁, ݋ /usr/local/apache/htdocs ٔR xH()@ /usr/local/apache/passwd .

Hġ ` htpasswd n並 ȝ~[ xH@ 늴. α׷@ Hġ ġ ^ bin 丮 . H@ R ٞ Ѵ.

htpasswd -c /usr/local/apache/passwd/passwords rbowen

htpasswdb x O, Ȯ@ x ٳC ¸[O ]Ѵ.

# htpasswd -c /usr/local/apache/passwd/passwords rbowen
New password: mypassword
Re-type new password: mypassword
Adding password for user rbowen

htpasswd H ο ^ٔR H ü θ ؾ Ѵ. ȝ~[b ݋L݋b /usr/local/apache/bin/htpasswd Hϓ .

ٞڷ ݋L x ][nU r[O, ݋L ȝ~ @ A~ ˷ Ѵ. apache2.conf \[ų .htaccess H@ ȝ~[ rѴ. 齁, /usr/local/apache/htdocs/secret 丮 x[R, E C /usr/local/apache/htdocs/secret/.htaccess HϓƳ apache2.conf <Directory /usr/local/apache/apache/htdocs/secret> ӛ Ѵ.

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /usr/local/apache/passwd/passwords
Require user rbowen

C [ 캸. AuthType Cb ȝ~ڸ ΄ Ҏ^@ Ѵ. ^ Ҏ^@ Basicڷ, mod_auth_basic Ѵ. ׵\ Basic ΄@ v ݋L x xȭ[ ʽO . ׵\Ƿ ℎ S x[ Ҏ^@ ȝ~[R ȵȴ. Hġb AuthType Digestb ΄ Ҏ^n Ѵ. Ҏ^@ mod_auth_digest [, ſ [. Ŭƾh鸸 Digest ΄@ ѴٽO Ѵ.

AuthName Cb ΄ ȝ~ _(realm)@ rѴ. _@ ΰ _@ Ѵ. ù偓b Ŭƾh r x ȭâ ش. 偓b _ r ȝ~[ Ŭƾh Ưr ΄_ x m rѴ.

齁, ϸZ Ŭƾh "Restricted Files" _ ΄ [ٔR, Ŭƾhb ڵڷ @ ݋L݋ "Restricted Files" _ڷ FC _ x CnѴ. E݋ \ _ @ _@ Ϟ[R ȝ~ڰ \ x ¸[ ʾƙn ȴ. Ȼ Ϟ Ŭƾhb ݋L xzh ٸR H ؛ x .

AuthUserFile Cb 츮 Ҏ htpasswd xH θ rѴ. ȝ~ڰ ٔR ] ȝ~ڸ ΄[ ^ ݋H@ ˵[b C 瞢 ɸ ] . Hġb Γtz HϿ ȝ~ r v ] . mod_authn_dbm @ AuthDBMUserFile C Ѵ. dbmmanage α׷@ ȝ~[ xH@ O ٷ. Hġ Γtzb \ ٸ ΄ Ҏe@ [b ڰ .

ڷ Require Cb ݋L Ưr _ ] b ȝ~ڸ r[ Ѻο Ѵ. ٞ @ require C ȝ~[b ل Ҏ^@ Ѵ.


\@ 鿩

Cb 丮 (ȝ~ڸ rbowen) ȝ@ 鿩. κ \ ȝ@ 鿩O @ ͓ƴ. AuthGroupFile@ ȝ~ V.

\ ȝ@ 鿩O ʹٔR ׿p ׿p ȝ~ڵ b ˷־b ׿pHϓ ʿ[. H e@ ſ Z[, ƹ \γ ] . Hϳ~@ ٞ .

GroupName: rbowen dpitts sungo rshersey

׳ wڷ ׃ ׿p 伺 U ]ƴ.

Z xHϿ ȝ~ڸ ߰[R ٞ Ѵ

htpasswd /usr/local/apache/passwd/passwords dpitts

, ؛ H@ ʽO Z HϿ ȝ~ڸ ߰Ѵ. (-c ӛ@ ؛ xH@ 늴).

.htaccess H@ ٞ ]rѴ.

AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /usr/local/apache/passwd/passwords
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName

׵\R GroupName ׿p Ӹ[ password HϿ H b ȝ~ڰ ùٸ x ¸[R @ A~Ѵ.

\ ^ ȝ~ڸ 鿩b ٸ Ҏ^ . ׿pH@ ʿ^ ٞ C ȝ~[⸸ [R ȴ.

Require valid-user

Require user rbowen _ C ȝ~[R xHϿ b n ùٸ x ¸[⸸ [R @ A~Ѵ. ׿p ٸ xH@ ȝ~[ ׿p ȿ @ ]n . Hġ H ΰ(xHϰ ׿pH) Ƈ H Ѱ(xH) ȝ[R ȴپb ͓ ƴ. ׵\ \ xH@ ؾ [O, AuthUserFile C rȮ xH@ rؾ [b ͻ@ Zƴ.


Te ] b

Basic ΄ Ҏe@ ݋L݋ ݋ ] V ȝ~ڸ x ȮѴ. U @ ؛ Oħ Vn (׸ x x[b 丮 b ) b ׸ ٳC ȮѴ. ۸[ әn . xH@ P݋ ȝ~ڸ@ ã@ VM ȝ~ U@ [V얿 xH rⰡ Ŀ ]U . ׸O E@ ] V Ѵ.

E݋ ڷ xHϿ v ] b ȝ~]b Ѱ谡 . Ѱb ȝ~[b ݋L ɿ ٸ, H ]w ѾbٔR ٽO e[O ٸ ΄ Ҏ^@ Oؾ Ѵ.


ٸ Ҏ^n Ѱ?

ȝ~ڸ x ȝ~ ΄ ٰ ”. vv ҿ @ ٸ r O ȝ~ڸ 鿩O @ V .

Allow Deny Cb ݋ ] ǻ xzh Ȥ@ xzh ּҸ O @ A~[ų źѴ. Order Cb C ȝ~[, Hġ b݋ Ģ@ ~ ˸.

Ƶ C ȝ~^@ ٞ .

Allow from address

݋ addressb IP ּ(Ȥ@ IP ּ Ϻ) nθ(Ȥ@ nθ Ϻ)ƴ. ѴٔR \ ּҳ nθ@ ȝ~ ] .

齁, ԳCǿ O øO ٔR ٞ @ @ ] .

Deny from

ּҿ݋ 齁b Ҏھb C x[b ] ^. IP ּ _ ٞ ǻ͸@ ȝ~ ]n .

Deny from host.example.com

, ü n @ ڷR ּҳ nθ Ϻθ ȝ~Ѵ.

Deny from 192.101.205
Deny from cyberthugs.com moreidiots.com
Deny from ke

Order Deny Allow C ȝ~[ [b @ @ ] .

Order deny,allow
Deny from all
Allow from dev.example.com

Allow C ȝ~[R, ش xzh ȝ~ڸ A~[O ű⿡ ߰ ȝ@ A~[Ƿ [b oѴ. _@ Ưr ȝ A~[ Ѵ.


@ r

mod_auth_basic mod_authz_host ݋ ۸[b Ҏ^ @ r .

:  en  |  es  |  fr  |  ja  |  ko  |  tr 



This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.