I share my admin account with other person and I would like to protect some pages or actions in MOR to be available only for me

From Kolmisoft Wiki
Revision as of 08:24, 17 August 2011 by Admin (talk | contribs)
Jump to navigationJump to search

About

This is an advanced configuration, most probably your desired setup can be achieved with accountant permissions.


How to protect some page/actions using simple Apache password?

For this example we will setup Apache to not allow Calling Cards Batch management and to do a manual payment for card without an additional password. For these actions are used these addresses in MOR: 


http://YOUR_IP/billing/cards/act?cg=3

and 

http://YOUR_IP/billing/cards/card_pay/22?cg=3

1. Create an Apache password file: 

htpasswd -c -b -m /home/mor/custome_areas_htpasswd admin your_password

2. Open Apache configuration with your favorite Linux editor: 

mcedit /etc/httpd/conf/httpd11.conf

and edit this file to look like this:

RewriteCond %{REQUEST_URI} !^/billing/public RewriteRule ^/billing(/.*)?$ /billing/public <Directory /var/www/billing/public/> Options ExecCGI FollowSymLinks AllowOverride All Allow from all Order allow,deny </Directory> <Directory /var/www/html/stats/> AddHandler cgi-script .pl Options +ExecCGI DirectoryIndex index.pl </Directory>

<Location "/billing/cards/act"> AuthType Basic AuthName "MOR" AuthUserFile /home/mor/custome_areas_htpasswd Require valid-user </Location>

<Location "/billing/cards/card_pay"> AuthType Basic AuthName "MOR" AuthUserFile /home/mor/custome_areas_htpasswd Require valid-user </Location>

Retrieved from "https://wiki.kolmisoft.com/index.php?title=I_share_my_admin_account_with_other_person_and_I_would_like_to_protect_some_pages_or_actions_in_MOR_to_be_available_only_for_me&oldid=10527"