How to complete the "PAM Authentication" task

What I have to do to complete the this task?

Can please somebody explain?

Hi @santash.jena

You have to configure basic authentication with PAM.As per the question you have to password protect mentioned directory

Example:
https://www.server-world.info/en/note?os=CentOS_7&p=httpd&f=10

Yes, I have done that. Can you please explain for which directory I had to do that.
I was completely confused.

Advanced thanks for your help!

Hi Santash,

All required details like which directory need to be password protected etc should be in question itself. If you think question is confusing or missing some information please let us know, we will make the appropriate improvements.

Thanks
Inderpreet

What I found difficult was whether I had to make changes to /data of storage server or /var/www/html folder of APP servers.

Also, I was unable to find /etc/pam.d/httpd folder. Can you please explain me these parts.

Hello,

As mentioned in the question /data on storage server is mounted as a shared directory on all app server under /var/www/html location, hence if you make any changes under /data on storage server or under /var/www/html on any app server that should reflect on all servers (apps and storage).

Further about missing httpd directory please make sure you have installed all required packages which are needed.

Thanks
Inderpreet

1 Like

Ok. I was missing this part. I didn’t know that we had to install packages as well. Thanks for your help.

I think it would be better if this can be mentioned in the Question itself.

I got the same question. what should we specify for the website-url?

1 Like

Hi Santash,

Thanks for your feedback. Actually we assume users to understand at least some of basic pre-requisites based on the requirements that are asked in the question. For example if you are asked to setup a website on a server using Apache and Apache is not installed on that server by default then you should assume installing it first.

But please feel free to share any misleading or wrong information if you find any.

Thanks
Inderpreet

1 Like

Hello,

You can use any URL for example localhost there are no such specific requirements. Anyways thanks for asking this I have added some more information in the question to make it clear.

Thanks
Inderpreet

2 Likes

Hi,

Thanks Inderpreet.

Whenever i am using the option to view on host 1, i am getting 502 bad gateway. Could you please let me know if i need to do anything else to access the localhost.

1 Like

Hello,

Can you please share some screenshots and steps how you are trying to access it?

Thanks
Inderpreet

1 Like

Hi Inderpreet,

I have followed the below steps for this tasks
sudo yum install epel-release
sudo yum -y install mod_ssl
sudo yum --enablerepo=epel -y install mod_authnz_external pwauth
sudo vi /etc/httpd/conf.d/authnz_external.conf
<Directory /var/www/html/protected>
SSLRequireSSL
AuthType Basic
AuthName “PAM Authentication”
AuthBasicProvider external
AuthExternal pwauth
require valid-user

sudo vi /etc/httpd/conf.d/ssl.conf
DocumentRoot “/var/www/html”
ServerName localhost/protected
systemctl restart httpd
i am getting the below page.


i am not sure if i am following the correct approach or anything is missing

1 Like

Hi @hprasanna

You are almost there but still missing few things, I can not share the answer but you can try to figure out what exactly you are missing.

Thanks
Inderpreet

Hi Inderpreet,

I have modified the authnz_external.conf file like below
<Location /etc/var/www/protected>
AuthType Basic
AuthName “Restricted”
AuthBasicProvider external
AuthExternal pwauth
Require user kareem

in addition to this i have also modified userdir.conf file like below
UserDir enabled kareem
UserDir protected
<Directory “etc/var/www/protected”>
## Apache 2.4 users use following ##
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS

i am still not getting getting the expected result. when trying to access localhost/protected, getting bad gateway error

I would like to confirm the task after entering username & password.
Trying to connect servers through load balancer, but its just connecting… no progress…

Any help would be appreciated… @Inderpreet

finally Connected. Completed the task successfully. @Inderpreet.
Thank you.

@hasmukhrathod: could you please let me know if the above process what i am following is correct or what am i missing. how to give url in the port path and get to this page.

1 Like

@Inderpreet

I’m getting default welcome page, can you give some tips on how to get the log in prompt.

I’m trying to untar these files but it’s not working

root@stapp03 etc]# tar zxvf mod_authnz_external-3.3.2.tar.gz

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
[root@stapp03 etc]# tar zxvf pwauth-2.3.11.tar.gz

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
[root@stapp03 etc]#

Can you give some tip to proceed further, got stuck on this step , getting web page but its not prompting for credentials.

Any suggestion on this would be very helpful

Thanks,

Hello,

This is one of the useful link (but you might need to customize few changes as asked in the question). https://www.server-world.info/en/note?os=CentOS_6&p=httpd&f=12

Thanks
Inderpreet