You are here: Home Experiment Information US ATLAS Local Users US ATLAS User Authenticated Web Pages

US ATLAS User Authenticated Web Pages

by John S. De Stefano Jr. last modified Apr 07, 2010 04:35 PM
The basics of serving authenticated web content via NFS.

Your US ATLAS computing account affords you the opportunity to host authenticated, project-related web content in NFS file system space.

Location

Files that you store in a directory called WWW in your NFS home directory will be served and accessible via a special US ATLAS URL:
https://people.usatlas.bnl.gov/~your_username/

Files and Permissions

In your NFS home directory, generate a password file (typically, but not necessarily, called .htpasswd) using the Apache htpasswd utility. Currently, this utility is not available on acas nodes; the file must be generated elsewhere, on any host with Apache'shttpd package installed, and copied to your NFS home. Or try this online .htpasswd and .htaccess file generator instead.

htpasswd -c .htpasswd some_user_name

Do not generate a plain text password. Only default-style, encrypted passwords will be accepted by the US ATLAS web server.

Create a WWW directory in your NFS home:

mkdir ~/WWW/

In the WWW directory, or any sub-directory therein in which you wish to restrict access, create a file called .htaccess that points to the full absolute path to your password file, as well as the other directives given in the following example:

AuthType Basic
AuthName "Please enter the expected user name and password"
AuthUserFile /usatlas/u/username/.htpasswd
Require valid-user

After adding your content to the appropriate directory, ensure that the relevant files and directory are world-readable and that the Apache server process can access and process directives there as necessary:

chmod 0755 ~/WWW
chmod 0644 ~/.htpasswd ~/WWW/path-to-your-content/.htaccess

Once these permissions are properly set, you will be able to serve accessible web content, with password restrictions on the directory in which you have placed the .htaccess file. 

Directory Indexes

By default, directory indexing has been disabled for security purposes, meaning even your web content that is not password-protected will not be visible and will appear as "forbidden" to users, unless they browse to the specific URL for that content, or an index.html file is explicitly included in each directory.

This option can be overridden (at your own risk) by including the following directive in an .htaccess file to generate an index for your directory:

Options +Indexes

If you do not create an index.html file in this directory, the entire contents of the directory will be visible.

Web Content Policy

Web content hosted in US ATLAS NFS space should not contain scripts and must abide by the BNL Privacy and Security Notice and BNL guidelines for Personal Public Web Pages.

The current laboratory and facility policies prohibit the running of scripts and CGI from your publicly-accessible web directory.

Document Actions