Ȼ/07

Top / Ȼ / 07

24ŸäƤ櫓ǤϤʤФˤĤƤο

μȤǡƥкȤƤ OS, Ports/Pacages ȾưŪȼˤĤƳؤ24ŸäƤȾưŪ˾åǤƤ륷ƥǤϤʤ, ȾưͭǤϤʤ.
ĤޤꡤŸ줿Ȥ˥ƥξåԤʤ.
ư˼ưŪ˹Ԥ褦ˤƤ褤ǤγؽƤ褫ƴñǽưŪ˹ԤȤͤ褦.

notes.png ŪˤϡŸ줿ʤ٤ϰʲκȤԤ.

(OS ΥС󤬸ŤʤΥå˻Ȥ)

 freebsd-update fetch 

(󥹥ȡ뤵Ƥ Ports/Packages ȼΥå)

 portaudit -adF  

warning.png ȼͭ褦ʤн褹褦褦

(Ports ι)

 portsnap fetch
 portsnap update

(󥹥ȡ뤵Ƥ Ports/Packages ɤ줯餤Ťλͤ. ϻ֤ΤǾ˱.)

 portupgrade -na 

Хӥ: web ФˤĤƳ

ơͥåȥӥǤܤץ Web ФºݤưƤߤ褦.


Web Фؤ³ͻ
[Web Фؤ³ͻ]




Web ȤȤߤϥץǤ褦߷פ줿ΤǤΤǡοޤˤߤ褦˴ܹ¤ϤȤƤ򤷤䤹.
warning.png ܤϥץʤΤξŸƤѵѤϺȤʤäƤϷ빽ʣǡƤİϴñǤϤʤ.
warning.png ܺ٤ϸ뤬̤ Port 80 ̾ Web Τ(HTTP)˻ȤPort 443 SSL Ǥ web ΤȤ(HTTPS)˻Ȥ뤳Ȥ¿.

ȤȤǡ Web ФѰդưƤߤ.

Web Хեȥ Apache

web ФȤˤ꤫ĺǤɤȤΤϸǤApacheǤ(http://www.apache.jp/old_info/misc/history.html ܸǤ줿 Apache β⤬).
Apache Software Foundation( http://www.apache.org, http://httpd.apache.orghttp://www.apache.jp 򻲾Ȥ)dzȯƤ.
ȼä˽Ȥʤ꤬ webХץȤƤϡֹȤƤơ᤯ΤפΤȤΤ褤.

󥹥ȡν

ѤΥ饤󥹳ǧ

notes.png եȥƳȤϡޤϤȤ⤫饤󥹤ǧ褦. Ūˤ Apache Software Foundation Web ܤõɤ⤦*1.

󥹥ȡ뤵Ƥʤå

notes.png Web Ф˥󥹥ȡ뤵ƤꡤưƤꤷʤå褦. Ūˤϡ

  • ޤ/etc/rc.conf ɤߡޤ/usr/local/etc/rc.d (ǥ쥯ȥ)򸫤ơapache httpd ʤɤε/¸ߤʤɤ̵å.
  • ˡ
     pkg_info | grep -i apache
    νϷ̤ߤ, Ports/Packages Ȥ Apache 󥹥ȡ뤵Ƥʤå.
    ⤷⥤󥹥ȡ뤵Ƥ褦ʤСκȤΤˤΥСֹ򹵤Ƥ(ʤߤˡǤκǿС 2.2.17_1 Τ褦)
  • ˡ
     ps -axuww | grep -i http
    νϷ̤ߤ, web server तưƤʤ(֤ httpd Ȥ̾ưƤ뤿)å.
  • ˡ
     lsof -i4 | grep -i http
    νϷ̤ߤ, ͥåȥӥȤ httpd ưƤʤå.

嵭Ƥޤå褦.
ΤĤ꤬ʤΤ apache 󥹥ȡ뤵ƤȤ褦ʾ硤
ΥС 1.3 Ϥ 2.0 ϤȾ䥳Τǡǰΰ٤ˤä󥢥󥤥ȡ뤷Ƥ( pkg_deinstall ȤФ褤)

󥹥ȡ뤹٤Сİ

ȤꤢǿСǤ褤褦˻פ줰餤礭ʥեȥȤ⤤ʤȤ⤢.
ǡ礶äѤǤ褤ΤǥСˤ㤤ɤʤΤĴ٤Ƥ.
ޤʬ apache ˤϸߤ 1.32.02.23ĤΥС󤬤.

notes.png ˤɤΤ褦ʰ㤤Τ礶äѤˤǤ褤ΤǤ٤. λܤ٤ݥȤϡ

  • ǽѹϤɤ Ȥơ
  • 饤󥹤ѹϤʤ
  • ѤǤĶ(OS äȤʤ륽եȥΥС)ѹϤɤ
  • ꤷưƤ
  • ޥ˥奢Ͻ¤Ƥ뤫

ʤɤˤʤ.

󥹥ȡ

ơ 1.3 Ϥ 2.0 Ϥ󥹥ȡ뤵Ƥʤо˽񤤤褦˥󥤥󥹥ȡ뤷Ƥ 2.2Ϥ򥤥󥹥ȡ뤷2.2ϤξŤΤ󥹥ȡ뤵Ƥʤ portupgrade ǥС󥢥åפ뤳Ȥˤʤ롥

󥹥ȡξ: Ports Ѥƥ󥹥ȡ

ƥ󥹥ȡ ports Υ󥹥ȡǤ褤ĤȤ줬褤.

notes.png ޤĤΤ褦ˡ

 portsnap fetch
 portsnap update

Ȥǰΰ٤ ports ǿΤΤˤƤ顤psearch Ȥä apache ɤˤ뤫Ĵ٤褦
¿ʬʤ顤õ٤ "apache22" Ǥ뤳Ȥ򶵤Ƥ

ơĤΤ褦 portinstall Ȥäƥ󥹥ȡ뤹.

 cd /usr/ports
 portinstall www/apache22

ver. 2.2.17 Υ󥹥ȡ뤬Ϥޤ(μ½٤ƹԤͤˤäƤ 2.2.18 ˤʤäƤ뤫).

Ф餯ȡApache Υ󥹥ȡ륪ץʹƤ뤳ȤΤǡϡ

  • IPv6 Υå򳰤 (μȤǤ IPv6 ϻȤʤΤ)

ѹ뤰餤ǡȤϤΤޤޤǿʤƤ褤(mod_dav mod_dav_fs ⳰Ƥ褤⤷ʤ).

warning.png Ports Υ󥹥ȡ륪ץϰꤹȵϿ졤Ϥ꤬Ȥ褦ˤʤäƤ.
Τᡤְ㤨򤷤ƤޤäΤǥ󥹥ȡľȤ褦ʾϺ.
ϡ/var/db/ports βˤ륪ץ󤬵Ͽ줿ե options õƤ饤󥹥ȡ뤷褦. кƤӥץҤͤƤ.

warning.png 礭ʥեȥǤ, 󥹥ȡ˽פʤɤ̤˽Ϥ.
ƨѤʤȤˤʤ뤳Ȥ⤢Τǡ̤ܤ̤Ȥ˺ƤϤʤ.
뤬®¿ʬɤߤʤPorts ǥ󥹥ȡ뤷ϡĤ褦˰ꤷƤΤǡΥ򥤥󥹥ȡ뤬äȤˤäɤФ褤.
Ports Υ󥹥ȡϡ̤ʤ /var/log/ports ʲˤϤ.

notes.png 󥹥ȡ뤬ä顤󥹥ȡɤǡʤɤʤå褦.
Apache Υ󥹥ȡɬפʡ¾Υեȥפ˥󥹥ȡ뤵, ˤĤ¸ߤ뤳ȤͤΤǡ

 cd /var/log/ports
 ls -lgaF

ʤɤȤƥեդåơApache Ȱ˥󥹥ȡ뤵줿Ȼפ뿷եȤΥեƤˤʤ٤ܤ̤.

ºݡΥǥ쥯ȥˤ www::apache22.log ɤ(եκǽʬϤФ餯ϥץ̤ΤΥץ󥹤ɤߤˤؿʤ)
åսʬȴФȰʲΤ褦ˤʤ.


(: ץľ夰餤)

To enable a module category: WITH_<CATEGORY>_MODULES

To disable a module category: WITHOUT_<CATEGORY>_MODULES


Per default categories are:

AUTH AUTHN AUTHZ DAV CACHE MISC

Categories available:

AUTH AUTHN AUTHZ CACHE DAV EXPERIMENTAL LDAP MISC PROXY SSL SUEXEC THREADS


To see all available knobs, type make show-options

To see all modules in different categories, type make show-categories

You can check your modules configuration by using make show-modules

ץ On/Off 丽꤬ɤʤäƤ뤫Τˡ.
ϤȤꤢˤʤƤ褤.



(: ºݤΥ󥹥ȡ뤬ϤޤäƤ)

Package openssl was not found in the pkg-config search path.

Perhaps you should add the directory containing `openssl.pc'

to the PKG_CONFIG_PATH environment variable

openssl package äƤʤ? Ȥå
ǽ餫饷ƥäƤФȤꤢʤΤǡΤޤޤǤ褤(⤷äƤʤФ˰㤦åϤ)




(󥹥ȡºȤΤΤۤܽäȤ)

To run apache www server from startup, add apache22_enable="YES"

in your /etc/rc.conf. Extra options can be found in startup script.

Apache 򡤥еư(ưŪ)ư褦ˤФޤ٤ץϵưץȤ˽񤤤ƤϤȤä.
warning.png 빽פʥå. ƨʤ褦ˤ褦.
warning.png ưץȥեϡƤ /usr/local/etc/rc.d Ȥǥ쥯ȥ֤.



Your hostname must be resolvable using at least 1 mechanism in

/etc/nsswitch typically DNS or /etc/hosts or apache might

have issues starting depending on the modules you are using.

ޥΥۥȥ͡ब /etc/nsswitch.conf ǻꤵ줿ˡDzǤ(=ۥȥ͡फ IP 狼Ȥ̣)褦ˤƤ衤Ǥʤ apache ꤬뤫衤Ȥä
ǧȤΤǤС

 dig `hostname`

ȤơʬΥޥ IP Ϥ褦ʤפ
ǥʤ顤/etc/hosts įƤߤơ˾󤬽񤤤Ƥ뤫å롥񤤤ƤФޤס
Ǥʤ顤ޤǤ꤬뤫ΥФ꤬Τǡ TA ˿Ҥͤ褦

åץ졼ɤξ

portpupgrade Ȥäƥåץ졼ɤɤ

Apache εư

󥹥ȡ⤷ϥåץ졼ɤλ顤apache ư褦

ư

notes.png ޤ OS ֡Ȼ Apache ư褦ˤ褦.
˻ꤵ줿褦˺Ȥ򤷤Ƥ顤֡Ȥ褦.

ưå

ơǴ˵ư Apache ư褦ˤʤäƤϤ.

notes.png ǡΤ˵ưƤ뤫ǧ褦.

  • ޤϾǥ󥹥ȡ˥å lsof ˡȤΤ褤.
  • ˡưƤʤФ (lynx, w3m, firefox ) Web Browser http://localhost/ ˥Ƥߤ褦. "It Works!" ʤɤɽ Apache μ¤ưƤ.

warning.png ưƤʤϤɤäƸͤߤФ褤?
㤨СνĴ٤Ф褽ͤߤ褦.

  1. /var/log/ β httpd-error.log Ȥ褦ʥե뤬뤫Ĵ٤. 줬̵褦ʾϡApache ϡֵư褦Ȥ餷ʤäפȤȤʤΤǡ/etc/rc.conf ˽񤭤ʸΥڥߥʤɤȤǽ⤤.
    ڥߥĤʤϡưˤ apache ưߤƤλ˽Ф륨顼å򸫤褦
    ư apache ưˡˤĤƤϸҤƤΤõɤǤߤ褦
  2. /var/log/httpd-error.log ɤ. Apache εưεϿϤ. [alert] ʤɤȤĽ꤬ФŦƤĽʤΤǡΥå򤷤äɤ򤷤褦.

notes.png ˡCGI (Common Gateway Interface)ΥƥȤ³ΥåͤƺȤ褦.
Ūˤϡ

 cd /usr/local/www/apache22/cgi-bin
 chmod aog+x ./printenv

Ȥơץ cgi ưĤФƤ顤٤ http://localhost/cgi-bin/printenv ³Ƥߤ褦.

DOCUMENT_ROOT="/usr/local/www/apache22/data"

GATEWAY_INTERFACE="CGI/1.1"

HTTP_ACCEPT="text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"

HTTP_ACCEPT_CHARSET="EUC-JP,utf-8;q=0.7,*;q=0.7"

HTTP_ACCEPT_ENCODING="gzip,deflate"

HTTP_ACCEPT_LANGUAGE="ja,en-us;q=0.7,en;q=0.3"

HTTP_CONNECTION="keep-alive"

HTTP_HOST="localhost"

HTTP_KEEP_ALIVE="115"

HTTP_USER_AGENT="Mozilla/5.0 (Windows; U; Windows NT 5.1; ja; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8" web browser ξ

PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/root/bin"

QUERY_STRING=""

REMOTE_ADDR="127.0.0.1" ۥ

REMOTE_PORT="53511"

REQUEST_METHOD="GET"

REQUEST_URI="/cgi-bin/printenv"

SCRIPT_FILENAME="/usr/local/www/apache22/cgi-bin/printenv"

SCRIPT_NAME="/cgi-bin/printenv"

SERVER_ADDR="127.0.0.1" ФΥɥ쥹

SERVER_ADMIN="you@example.com" Фδ

SERVER_NAME="localhost" Ф̾

SERVER_PORT="80"

SERVER_PROTOCOL="HTTP/1.1"

SERVER_SIGNATURE=""

SERVER_SOFTWARE="Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n" եȥγ

UNIQUE_ID="TOOy2sCo6IAAAATg5UAAAAAF"

Ȥ褦ɽФơ³ȤδĶ狼.
Web ФξɤʬʤĤȤ褦ʻϤƴܾ褦.

notes.png ʤξïˤǤ⸫ƤޤΤɤʤΤǡʲΤ褦ˤƥץ cgi ưʤ褦˸ᤷƤ.

 cd /usr/local/www/apache22/cgi-bin
 chmod aog-x ./printenv

warning.png CGI ȤϤñ˸ WebФ˥ƥоưץǤ. ƥΡַפȤʤ䤹ΤǡCGI ˤĤƤäտȤ褦.

˼ư apache ư᤿ꤹˡ񤤤Ƥ.
ưǵưʤС

 /usr/local/etc/rc.d/apache22 start

Ȥưǻߤ᤿

 /usr/local/etc/rc.d/apache22 stop

ȤФ褤.

notes.png ơapache ̵˵ưƤ뤳ȤޤdzǧǤưǤä apache 褦.
ƺƤ webbrowser http://localhost/ ˥ơ apache ޤäƤ뤳Ȥǧ褦.

Apache

¤

apache ե /usr/local/etc/apache22 ʲ֤Ƥ.
ơ¤Ԥ.

notes.png ޤweb ФȤƤδե httpd.conf ǤΤǤԽ.
warning.png ֽפʡץեԽȤϸΥեΥХååפȤäƤ. ˡϸŪǤ⹽ʤ. 㤨СŪˤϡ

 cp httpd.conf httpd.conf.ORG

ʤɤȤФ褤.

ѹΤϰʲǤ.

ServerAdmin
web ԤΥ᡼륢ɥ쥹. ץ뤬񤤤ƤΤǤ狼.
DocumentRoot
web Υ롼ȤȤưǥ쥯ȥ.
ǥեȤǤ /usr/local/www/apache22/data ȤʤäƤ뤬apache ΥСֹ椬äƤꤷƤʤȤؤ(ޤ٤ǤϤ뤬)ƥ̤ǥեȤΤޤޤˤƤʤ褦ˤ褦.
ǡ˥ǥ쥯ȥ(㤨 /usr/local/web_dir/top ʤ)ʤɤ*2ѰդƤ, 񤭴Ƥ.
϶Ūˤ

DocumentRoot "/usr/local/www/apache22/data"

ȤԤ򤳤

DocumentRoot "/usr/local/web_dir/top"

Ƚ뤳Ȥˤʤ.
ޤDocumentRoot Ȥ˴ؤʬ <Directory "/usr/local/www/apache22/data">ʤɤ˽񤤤ƤΤǡ⼫ʬˤ碌ľƤ. Ūˤ

<Directory "/usr/local/www/apache22/data">

<Directory "/usr/local/web_dir/top">

ľȤˤʤ.
ScriptAlias
cgi ֤. ǥեȤΤޤޤǤϤʤʤΤǡŬ˿ǥ쥯ȥ(㤨 /usr/local/web_dir/cgi ʤ)äƤ顤ѹ褦. ξϡ

ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"

Ƚ񤤤Ƥʬ㤨

ScriptAlias /cgi-bin/ "/usr/local/web_dir/cgi/"

Ƚ뤳Ȥˤʤ(ǸΥå˺ʤ褦!!). ޤˤĤƤ

<Directory "/usr/local/www/apache22/cgi-bin">

<Directory "/usr/local/web_dir/cgi">

ȽʤȤȤʤΤդ褦.

notes.png Ǥϡ꤬ѹǤå褦.
ޤѰդ DocumentRoot 㤨мΤ褦ŬƤ index.html եѰդ褦.

<html>

ʤǤ褤Τǽ.Ȥꤢե٥åȤΤߤǽ񤤤褤

</html>

apache ưǵưhttp://localhost ˥ơּʬѰդ index.htmlפȤ뤳Ȥǧ褦.

notes.png ˡcgi ΰ̣ϤŪͤ cgi ΥƥȤԤ.
ޤ*3

#!/bin/csh -f

echo "Content-type: text/plain; charset=iso-8859-1"

echo ""

echo ""

/usr/games/fortune

Υե web-test Ȥ̾Τ(ʬꤷ) cgi ǥ쥯ȥ֤.
warning.png ǸιԤDzԤƤʤ fortune ¹ԤʤΤDzϤʤ. ȲԤ褦.

ˤΥեμ¹ԥѡߥåꤷ褦.

 cd (ʬꤷ cgi ǥ쥯ȥ)
 chmod aog+x ./web-test

ԤäƤ顤 http://localhost/cgi-bin/web-test ˥Ƥߤ. Τä fortune η̤ web browser ˽ϤΤ.
ޤäƤǰΰ٤˼¹ԥѡߥåȤƤ.

 cd (ʬꤷ cgi ǥ쥯ȥ)
 chmod aog-x ./web-test

ơޤǤޤä¤ OK ʤΤ apache Ƥߤ褦.

Apache εǽĤ

TLS (Transport Layer Security) / SSL (Secure Sockets Layer)

ޤǤ Apache ؤ Web ³ǤΡHTTP³פǡ(port 80 ǹԤƤ) ¤ϥǡ֤ΤޤޡץͥåȥήƤ.
Ĥޤꡤͥåȥ˵ޥʤɤ鸫ήƤǡϴݸǤꡤ̩ˤפʥǡʤɤήʤʾ֤Ǥ롥

ͥåȥ̿Ź沽ˡˤĤ¸ߤ.
ΰĤǤ TLS (Transport Layer Security) ( SSL(Secure Sockets Layer))Ȥäơweb Ѥ̿ץȥ HTTP 򤽤ξѤŹ沽 HTTP, ¨ HTTPS(HTTP over SSL) Ȥ褦ˤƤߤ褦.
warning.png TLS/SSL ŪʻȤߤǤꡤHTTP ʳ̿ܤ뤳ȤǤ.

ޤƥΤ TLS 󶡤뵡ǽñ˽Ҥ٤Ƥȡ

Ź沽
̿ƤŹ沽. ȤŹ 57٤.
θ
Ȥꤹï˲⤵ƤʤФǤ.
ǧ
³꤬̾äƤȤ꤫פ. ̾ϥ¦򸫤뤬(ɬפʤХץ)饤¦򸫤褦ˤǤ.

λǤ.
Ź沽ȲθФˤĤƤϥФȥ饤ȤδطΩ뤬
ǧڤˤĤƤϡ軰(ǧڶ)ˤ뤽ξݾڡפɬפǤ.
notes.png TLS/SSL ˤĤơ˾ܤĴ٤Ƥ.

ơHTTPS ȤϤ褦.

ˤϤޤTLS/SSL ΤΤν򤷤ʤȤʤ.
TLS/SSL ȤˤϾ3ĤεǽΤǧڤΤˡѰդʤȤʤ.
ݾڤŻҽ̾Ԥǧڶɤ˺Ȥꤹˤ̾Ѥ뤷³⤽ʤ˻.

ǡܼȤǤϼʬǼʬݾڤƾäƤޤ.
warning.png ¯˸"쥪" Ǥäơǧڤˤ꤬. ޤ finger print ϤʤɤΡְʷϩǡꤷƳǧʤɤǤΤϤǤȻפɡ ޤ̩ apache.key ΤϰŹ沽ƤʤΤǼ갷դ.

notes.png ŪˤϰʲΤ褦˺Ȥ뤳ȤǾ(apache.crt)Ǥ.

 cd /usr/local/etc/apache22
 openssl genrsa -out apache.key 1024
 openssl req -new -x509 -days 365 -key apache.key -out apache.crt  

ǸξˤĤ䤵Τǡ㤨аʲĻΤ褦Ŭڤ褦.

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:JP

State or Province Name (full name) [Some-State]:Osaka ʤ

Locality Name (eg, city) []:Toyonaka ʤ

Organization Name (eg, company) [Internet Widgits Pty Ltd]:Osaka Univ. ʤ

Organizational Unit Name (eg, section) []:Faculty of Science ʤ

Common Name (eg, YOUR name) []:web ФȤƤ̾񤯡㤨Сq09.cl.math.sci.osaka-u.ac.jp ʤ

Email Address []:дԤΥ᡼륢ɥ쥹

ȡapache.crt Ȥ(ͭ 365Τ)ǤƤϤ.
warning.png openssl ˤĤƤ man openssl ǡopenssl req ΥץˤĤƤ man req ǥޥ˥奢ɤळȤǤ.

ǡƤٳǧƤ.

 openssl x509 -in apache.crt -text

ȤƤϤΤǡߤƤ.

notes.png ˡHTTPS եľ.
/usr/local/etc/apache22/extra/httpd-ssl.conf եʤΤǡ <VirtualHost _default_:443> ʬ褦.
ŪˤϰʲΤ褦ˤ褦.
warning.png 󤳤Υե˥ХååפäƤ.

DocumentRoot
äͳʤо DocumentRoot ƱˤƤȤ褤.
ServerName
֤ݤΡ̾ˤʤ. ϥƥȤʤΤǥޥ̾Ǥ褤. 㤨 q3000.sci.osaka-u.ac.jp ȤޥʤС

ServerName q3000.sci.osaka-u.ac.jp:443

Ƚ񤯤Ȥˤʤ. ʤߤˡꤹʤ httpd.conf ServeName ȤܤƱͤ

ServerName q3000.sci.osaka-u.ac.jp:80

ꤷƤ̷⤬ʤƤ褤.
ServerAdmin
ʬΥ᡼륢ɥ쥹ѹƤ.
SSLCertificateFile
Ǻäե "/usr/local/etc/apache22/apache.crt" ľƤ.
SSLCertificateKeyFile
Ϥäե "/usr/local/etc/apache22/apache.key" ľƤ.

ˡ/usr/local/etc/apache22/httpd.conf

# Include etc/apache22/extra/httpd-ssl.conf

Ƚ񤤤ƤԤιƬ # äƤιԤͭˤ褦.

Ͻλ. apache 򤤤äƤ鵯ư https://localhost ˥ơΤ https ³Ǥ뤳ȤΤ褦.
(ǤС Common Name ǻꤷ̾ǥ褤㤨Сq09.cl.math.sci.osaka-u.ac.jp ʤСhttps://q09.cl.math.sci.osaka-u.ac.jp/ Ȥƥ褦)
쥪ʤΤǡ֤?פȿҤͤΤǡפȤؿʤ³褦.
ʤfirefox ʤɤȡhttps ³ƤȤϥץβ¦˸Υޡɽ줿ꤹΤdzǧ䤹.

warning.png "쥪" ϤʤΤǡꥹ.

notes.png "쥪" δˤĤĴ٤Ƥ.
ĿŪˤϹڹ "ڹ" 20071125ε( http://takagi-hiromitsu.jp/diary/20071125.html )ʤɤ褯狼äƤ褤Ȼפ.

Apache ʵǽ: Basic ǧ / Digest ǧ

Apache ˤϼ¤¿εǽ.
ΰĤǤǧ(Basic ǧڤ Digest ǧڤ)ˤĤΤ.
ϥݤ˥桼̾ȥѥɤϤ׵ᤵ륢ȥ뵡ǽΰǤ.
ǥ쥯ȥեñ̤꤬ǽǡñʤʤΤǡȤ褦ˤʤäƤȤ褤.
warning.png Basic ǧڤϥƥŪˤϤޤǤǤϤʤDigest ǧڤϾŤΥ֥饦ϻȤʤ.

Basic ǧ

ޤϤȤꤢ Basic ǧڤȤäƤߤ褦.

notes.png Basic ǧڤˤɤΤ褦ʥƥ꤬뤫Apache 2.2ޥ˥奢Ρǧڡǧ( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )ɤĴ٤Ƥ.

ơºݤˤäƤߤ褦
notes.png ޤоݤȤʤǥ쥯ȥѰդ.
(ʬꤷDocumentRoot)β test Ȥǥ쥯ȥꡤ basic ǧڤƤߤ褦.
Ȥ櫓ǡޤϥǥ쥯ȥ褦.

notes.png ˥Ȥȥѥɤޤѥɥե.
ѥɥեϡ DocumentRoot ʲˤϺʤפ褦ˤʤȳɤƤޤ⤷ʤᡤ򤱤褦.
㤨 /usr/local/etc/apache22/Includes ˺Ȥȡ

 cd /usr/local/etc/apache22/Includes
 htpasswd -c ./passwdfile test-user 
 桼 "test-user" Υѥɤ򿷵˹ͤ

ȤФ褤.
warning.png ˤΥѥɥե뤬¸ߤΤ "-c" ץĤ htpasswd ¹ԤȤΥեȤϾäƤޤΤǡ"-c" ĤȤϤ줰⿵Ť.

ǰΰ٤ˤΥեɤǤߤơΤ˥桼̾ȥѥ(Ź沽Ƥ)ǼƤ뤳ȤǧƤ.

Basic ǧڤͭˤΤŪˡϰʲबäơ

  • ƥ¦ꤹˡ(httpd.conf Ǥ)
  • ƥǥ쥯ȥ .htaccess եꤹˡ

줾.
桼ʬǤԤȤ(ʬꥹΤǡѤκݤϤäĴ٤Ƥ)ΤǺϸԤǤäƤߤ褦.

notes.png ǤϡBasic ǧڤºݤͭˤ褦.
ޤΤνȤơޤ httpd.conf <Directory "(ʬꤷDocumentRoot)"> ʲˤ

AllowOverride None

ȤԤ

AllowOverride AuthConfig

ˤƤ.
warning.png "AllowOverride ..." ȤԤʣΤǡսְ㤨ʤ褦.

ˡѰդ test Ȥǥ쥯ȥʲ˼Ƥ .htaccess Ȥե.

AuthType Basic

AuthName "basic auth test!"

AuthUserFile /usr/local/etc/apache22/Includes/passwdfile

require user test-user

줫顤Υǥ쥯ȥ˼Τ褦Ƥ index.html ѰդƤ.

<html>

The basic auth function test was successful.

</html>

apache ƤƤ apache ư Basic ǧڤͭˤʤäƤϤ.

notes.png ǧڵǽޤƯǧƤߤ褦.
http://localhost/test (Ѱդǥ쥯ȥ) ˥Ƥߤơ桼̾ȥѥɤʹϤʤΤǡtest-user Ȥ桼̾졤ʬǾꤷѥɤƤߤ褦.
̵Ǥơ "The basic auth ... "Ȥɽߤ OK .

notes.png ᤯ʤ˺¤äƤͤǧڵǽȤ褦˾ɲäơƤ餪.
Ūˤϡ

 cd /usr/local/etc/apache22/Includes
 htpasswd ./passwdfile οѤΥ桼̾
 Υ桼Υѥɤ򿷵˹ͤ

ȤƤ顤Υǥ쥯ȥˤ .htaccess require Ԥɲä桼ʲΤ褦˲äơ

require user test-user ɲå桼̾ ڡǶڤ

Ȥ뤫

Require valid-user

ľ.
ơοͤ Web ֥饦ǼʬΥۥȤФ http://q**.cl.math.sci.osaka-u.ac.jp/test (ʬΥۥ̾/Ѱդǥ쥯ȥ) Ȥƥ㤤Ʊͤ˥桼̾ȥѥɤƥǤ뤫ߤΤǤ.
warning.png Ԥ "Require valid-user" ϡѥɥե˽񤫤Ƥ桼Ƥоݤˤʤ롤ȤǤ.
warning.png 桼䤹ˤϡ¾ˤ Group եѤˡǡ١Ȥˡʤɤ. ŪˡϾˤ⼨ Apache 2.2ޥ˥奢Ρǧڡǧ( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )ʤɤǫ˽񤤤ƤΤǻȤ.
warning.png htpasswd ǥ桼ɲáפȤ "-c" ץ󤬤ʤȤդ.

Digest ǧ

Digest ǧڤ򤷤Ƥߤ褦. ƥ Basic ǧڤ깥ޤΤǡ줬ʤȤϤȤ褦ˤ褦.

ǥ쥯ȥΤΤ򤽤Τޤ޻ȤȤ褦.

notes.png ơDigest ǧѤ˿Ȥȥѥɤޤѥɥե.
ѥɥե־Фդ BasicǧڤƱǤ.
ơ֤ƱǤ褤.
ơŪˤϺȤϰʲΤ褦ˤʤ.

 cd /usr/local/etc/apache22/Includes
 htdigest -c ./passwdfile-digest "Digest auth test" digest-test-user
 桼 "digest-test-user" Υѥɤ򿷵˹ͤ

warning.png ˤΥѥɥե뤬¸ߤΤ "-c" ץĤ htdigest ¹ԤȤΥեȤϾäƤޤΤǡ"-c" ĤȤϤ줰⿵Ť.
warning.png htdigest ޥɤܤΰȤ realm (ǧڤоϰϤȤǤ⤤)ɬפȤʤ. "Digest auth test" ˤ. ơ realm .htaccess AuthName ȤƻȤΤdzФƤ.

ˡ testǥ쥯ȥ .htaccess ե Digest ǧѤ˽褦.
ŪˤϼΤ褦ˤʤ.

AuthType Digest

AuthName "Digest auth test" htdigest ޥɤϤΤȴ˰פ뤳!

AuthUserFile /usr/local/etc/apache22/Includes/passwdfile-digest

require user digest-test-user

ĤǤ index.html 礳äľƤ.

<html>

The digest auth function test was successful.

</html>

OK .

notes.png ǧڵǽޤƯǧƤߤ褦.
http://localhost/test (Ѱդǥ쥯ȥ) ˥Ƥߤơ桼̾ȥѥɤʹϤʤΤǡtest-user Ȥ桼̾졤ʬǾꤷѥɤƤߤ褦.
̵Ǥơ "The digest auth ... "Ȥɽߤ OK .

notes.png ᤯ʤ˺¤äƤͤǧڵǽȤ褦˾ɲäơƤ餪.
Ūˤϡ

 cd /usr/local/etc/apache22/Includes
 htdigest ./passwdfile-digest "Digest auth test" οѤΥ桼̾
 Υ桼Υѥɤ򿷵˹ͤ

ȤƤ顤Υǥ쥯ȥˤ .htaccess require Ԥɲä桼ʲΤ褦˲äơ

require user digest-test-user ɲå桼̾ ڡǶڤ

Ȥ뤫

Require valid-user

ľ.
ơοͤ Web ֥饦ǼʬΥۥȤФ http://q**.cl.math.sci.osaka-u.ac.jp/test (ʬΥۥ̾/Ѱդǥ쥯ȥ) Ȥƥ㤤Ʊͤ˥桼̾ȥѥɤƥǤ뤫ߤΤǤ.
warning.png Ԥ "Require valid-user" ϡѥɥե˽񤫤Ƥ桼Ƥоݤˤʤ롤ȤǤ.
warning.png 桼䤹ˤϡ¾ˤ Group եѤˡǡ١Ȥˡʤɤ. ŪˡϾˤ⼨ Apache 2.2ޥ˥奢Ρǧڡǧ( http://httpd.apache.org/docs/2.2/ja/howto/auth.html )ʤɤǫ˽񤤤ƤΤǻȤ.
warning.png htdigest Ǥ桼ɲáפȤ "-c" ץ󤬤ʤȤդ.

ݡ

TLS/SSL ˤĤĴ٤. äˡǧڤ "쥪" ˤĤơΥƥꥹĴ٤.
ޤBasic ǧڤ Digest ǧڤΰ㤤Ĵ٤.

ޤweb ФˤޤĤ뤽¾Υƥꥹ(ȼ)ˤĤƤĴ٤.
ä httpd.conf "Allowoverride AuthConfig" ǤϤʤ "Allowoverride All" Ȥɤ줯餤Τ褯Ĵ٤.

ޤԤäȤˤĤ𤻤.
Ƽ

  1. °(ز)
  2. ֹ
  3. ǯ
  4. ̾
  5. οΥݡ(θȤˤĤƵŤ)

񤯤Τ˺ʤ褦.
ݡȤϤַפ鳰ɤǤ館ʤȤ⤢롥ϳ餷Τʤ褦դ褦

about Icons, ClipArts

Some icons in this page are downloadable at ICONFINDER.

The "note" icon notes.png designed by Marco Martin is distributed with the LGPL licence,
the "warning" icon warning.png designed by Alexandre Moore with the GPL licence
and the "triangle" icon JNorth_arrow-right-sm.png designed by Joseph North is distributed with the Creative Commons (Attribution-Noncommercial-Share Alike 3.0 Unported) licence.

Some clip arts used in this page are downloadable at Open Clip Art Library.
We deeply appreciate their superb works. With licence, they describe that "the actual clipart content on open clipart library is Public domain" in the web.


*1 ʬΥޥ˻˥󥹥ȡ뤷ƤߤʤФʤʤȤ¿ˤƤ⡤
*2 ǥ쥯ȥκޥɤ mkdir .
*3 Content-type θ˶ԤϤʤȤʤʤʤΤǤ̤˽񤯤٤.