Recipe 6.11 Authorizing Using File Ownership

Problem

You wish to require user authentication based on system file ownership. That is, you want to require that the user that owns the file matches the username that authenticated.

Solution

Use the Require file-owner directive:

<Directory /home/*/public_html/private>
    AuthType Basic
    AuthName "MyOwnFiles"
    AuthUserFile /some/master/authdb
    Require file-owner
</Directory>

Discussion

The goal here is to require that username jones must authenticate in order to access the /home/jones/public_html/private directory.

The user does not authenticate against the system password file but against the AuthUserFile specified in the example. Apache just requires that the name used for authentication matches the name of the owner of the file or directory in question. Note also that this is a feature of mod_auth and is not available in other authentication modules.

This feature was added in Apache 1.3.22.

See Also

• The Require file-group keyword at http://httpd.apache.org/docs/mod/mod_auth.html#require