[ossec-list] Re: Authentication of Users using WebUI

["Pankaj P. Pawar" <Pankajpa@xxxxxxxxxx>]

***********************
Your mail has been scanned by InterScan.
***********-***********


Sorry,

I found that file and tried the following config

.htaccess:
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /dev/null
Require valid-user

.htpasswd:
Nsdl: MdDipi2T6TjlA

The moment I restart Apache, I am getting default Welcome page.
I don't understand how do I revert back.
Should I delete the Ossec-wui folder and re-install the package again??

Pankaj P.



-----Original Message-----
From: ossec-list@xxxxxxxxxxxxxxxx [mailto:ossec-list@xxxxxxxxxxxxxxxx]
On Behalf Of Pankaj P. Pawar
Sent: Wednesday, April 04, 2007 9:58 AM
To: ossec-list@xxxxxxxxx
Cc: ossec-list@xxxxxxxxxxxxxxxx; Daniel Cid
Subject: [ossec-list] Re: Authentication of Users using WebUI

***********************
Your mail has been scanned by InterScan.
***********-***********




***********************
Your mail has been scanned by InterScan.
***********-***********


I have tried searching the htaccess file, but I could find only manuals
in the /var/www/manual/howto/htaccess.html for the same.

Pankaj P.

-----Original Message-----
From: ossec-list@xxxxxxxxxxxxxxxx [mailto:ossec-list@xxxxxxxxxxxxxxxx]
On Behalf Of Chris Tankersley
Sent: Tuesday, April 03, 2007 9:34 PM
To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Re: Authentication of Users using WebUI

***********************
Your mail has been scanned by InterScan.
***********-***********



The new version of the WebUI installs a .htaccess file by default. Some 
apache installs (like mine) have to turn on the AllowOverride in your 
config file to allow .htaccess to be used.

Using .htaccess though, you could have any number of usernames and 
passwords to authenticate against.

Chris

Dennis Borkhus-Veto wrote:
> What about using an htaccess file?  
> Dennis
>
> ----- Original Message -----
> From: ossec-list@xxxxxxxxxxxxxxxx <ossec-list@xxxxxxxxxxxxxxxx>
> To: ossec-list@xxxxxxxxx <ossec-list@xxxxxxxxx>
> Cc: Daniel Cid <daniel.cid@xxxxxxxxx>
> Sent: Mon Apr 02 23:47:25 2007
> Subject: [ossec-list] Authentication of Users using WebUI
>
> ***********************
> Your mail has been scanned by InterScan.
> ***********-***********
>
> 	
>
> Dear Daniel,
>
>  
>
> I have been using Ossec past 3 months and would like to appreciate the
way it is advancing towards achieving a sophisticated open source HIDS
project.
>
> But still I feel there is much left on the authentication aspect of
the Web UI which is the need of the day in every organization.
>
> Is there any way by which we can introduce user based authentication
for WebUI clients?
>
>  
>
> I would really like to bring to your notice that I was a novice to
Linux when I started this project and since then I have developed a good
taste of Linux.
>
> And I hope to learn more and more while working on OSSEC.
>
>  
>
> Thanks,
>
> Pankaj P.
>
>
************************************************************************
***********
> This message is for the named addressees' use only. It may contain
NSDL
>
> confidential, proprietary or legally privileged information. If you
receive 
>
> this message in error, please immediately delete it. You must not,
directly
>
> or indirectly, use, disclose, distribute, print, or copy any part of
this message
>
> if you are not the intended recipient.Unless otherwise stated, any
commercial
>
> information given in this message does not constitute an offer to deal
on 
>
> any terms quoted. Any reference to the terms of executed transactions 
>
> should be treated as preliminary only and subject to our formal
written 
>
> confirmation.
>
************************************************************************
***********
> 	
>
>   


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





************************************************************************
***********
This message is for the named addressees' use only. It may contain NSDL

confidential, proprietary or legally privileged information. If you
receive 

this message in error, please immediately delete it. You must not,
directly

or indirectly, use, disclose, distribute, print, or copy any part of
this message

if you are not the intended recipient.Unless otherwise stated, any
commercial

information given in this message does not constitute an offer to deal
on 

any terms quoted.  Any reference to the terms of executed transactions 

should be treated as preliminary only and subject to our formal written 

confirmation.
************************************************************************
***********




***********************************************************************************
This message is for the named addressees' use only. It may contain NSDL

confidential, proprietary or legally privileged information. If you receive 

this message in error, please immediately delete it. You must not, directly

or indirectly, use, disclose, distribute, print, or copy any part of this message

if you are not the intended recipient.Unless otherwise stated, any commercial

information given in this message does not constitute an offer to deal on 

any terms quoted.  Any reference to the terms of executed transactions 

should be treated as preliminary only and subject to our formal written 

confirmation.
***********************************************************************************