diff options
Diffstat (limited to 'sample')
| -rw-r--r-- | sample/src/index.xml | 6 | ||||
| -rw-r--r-- | sample/src/passwd_protect/index.xml | 27 |
2 files changed, 33 insertions, 0 deletions
diff --git a/sample/src/index.xml b/sample/src/index.xml index c5ec849..4363cb6 100644 --- a/sample/src/index.xml +++ b/sample/src/index.xml @@ -64,5 +64,11 @@ <title_description>Supplemental files distributed within the album</title_description> </item> + <item path="passwd_protect"> + <title>Restricted area</title> + <title_description><![CDATA[Password protected access<br/><br/>user/pass: test/test]]></title_description> + <thumbnail src="CIAF_1/img_6802.jpg" /> + </item> + </items> </gallery> diff --git a/sample/src/passwd_protect/index.xml b/sample/src/passwd_protect/index.xml new file mode 100644 index 0000000..10225fa --- /dev/null +++ b/sample/src/passwd_protect/index.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="utf-8"?> +<gallery type="album"> + <general> + <ID>Restricted area</ID> + <title>Restricted area</title> + <description><![CDATA[Welcome to restricted area! You should have been presented a standard HTTP authentication dialog. If that didn't happen, your web server configuration is probably incorrect. Note that this natually doesn't work when opened locally (<code>file://</code> URL). + <br/><br/> + This feature requires web server user htaccess override enabled as well as the particular authentication modules loaded. All subdirectories (including the current album images) should be protected the same way through automatic parenting. It's usually sufficient to only set password for top-level path you want to protect. Please note this implementation is not bulletproof in any way, a simple configuration error or missing file will bypass any protection. See <a href="http://httpd.apache.org/docs/2.2/howto/auth.html">httpd.apache.org/docs/2.2/howto/auth.html</a> for more information. + <br/><br/> + CGG will automatically create new password file and will add necessary lines in <code>.htaccess</code> file (appending if it exists). By default, MD5 hash is used. The <code>htpasswd</code> tool needs to be installed as Apache uses it's own MD5 hash modification. Check e.g. <code>apache-tools</code> package. + <br/><br/> + All of this has a culprit however. For security reasons, the webserver (Apache) disallows relative pathnames to the password file and requires either absolute path or relative path to ServerRoot (basically document root for the domain). Also, storing the password file within the document tree is discouraged though it's fully satisfactory for our needs. A new <location> section in <code>setup.xml</code> file has been introduced. Having a correct path in the <local_path> tag is the key to success. + ]]></description> + + <auth> + <!-- ID of the area, the message will also be presented to user --> + <realm>Secret pictures</realm> + <username>test</username> + <!-- plain text password please, will be encrypted during processing --> + <password>test</password> + <!-- we only support mod_auth_basic, adding support for mod_auth_digest would be nice --> + <type>Basic</type> + </auth> + </general> + +</gallery> + |