Restricting Access to Database Operations
There are times when access to a particular database or operation on a database
should be restricted to certain users. The NCSA httpd server has built-in user
authentication features that can be easily adapted to work with an online
database. The discussion below is borrowed heavily from the
Mosaic User Authentication tutorial
, which goes into a less-detailed but more generally applicable discussion of
What to Protect
The server authentication scheme is intended to manage access to file system
objects. Access can be granted to certain people or sites or certain sites can
be refused access.
In this example, we have a CGI script we want to control access to because it
contains the database interface routines. Access control can be established in
the directory where the CGI script lives and only selected users or sites will
be able to interact with our database.
If all of our interface functions are contained in a single executable then
protecting certain interface functions from unauthorized access is a
little trickier. Briefly, you can do this by creating a symbolic link to the
CGI executable in a protected directory and calling the protected version
whenever a controlled procedure is desired. More details on this below.
The Access Control File
In the directory where the protected script exists, create a file called
.htaccess. In the file, put the following:
require user pumpkin
Choose an appropriate name and directory for AuthUserFile, which
will be created shortly. It should not be in the protected directory, as it
will contain all the usernames and passwords for access to that directory.
The AuthGroupFile can be used to set up access for specified groups,
which are defined in a "group file". This is detailed below.
The AuthName above is the name of the form that will appear on the
dialog box requesting a password.
The Password File
NCSA httpd comes with a program called htpasswd. To create the
password file and add a user to it, run
htpasswd /home/beowulf/public_html/.htpasswd pumpkin
replacing the path for the password file to the path appropriate for your
system. The file will be created and the username "pumpkin" added to it.
You will be prompted twice for "pumpkin's" password.
There is absolutely no connection between users in this file and
users on your local host. Users with local accounts can use the same (or
different) names in your local password file, with same (or different)
passwords. External users can have usernames in this file without having an
account on your system. This method only controls access to the files in the
That's all there is to it. Any user attempting to access a file in the
protected directory will be prompted for a password by their client browser,
which will pass it back to your server for verification. If they are in the
password file, access will be allowed.
What if you want to give access to a group of people? Do the following:
Add more groups as necessary. Don't forget to add the users in the
group file to the .htpasswd file - they'll need passwords.
- Add the users to the password file, using htpasswd, as above.
- Create a group file containing the names of the users to be allowed access
in the same directory as the password file (not required, but not a bad idea).
You might call it .htgroups for consistency. It should look like this:
add-access: pumpkin peanuts almonds walnuts
- Modify the .htaccess file as follows:
require group add-access
Controlling Specific Files
Some fancy footwork here. You can't limit access to a specific file, only to a
specific directory. If you want to limit access to a specific file, set up a
"protected directory", as above, with nothing in it. Then put the file you wish
to limit access to into that directory.
You can get fancier if you're running on a Unix-variant system. In this
example, we have a database to which we wish to restrict the ability of users
to search for records. One script, called wdb.cgi (see elsewhere in
this tutorial for more information on WDB) contains all the operations on the
database - query, add, update and delete. How can we control access to just one
of the functions when all of them are contained in the same script? Instead of
breaking the program up into pieces, try this:
Create an empty directory and establish protections for it. In this
case, the .htaccess file looks like this:
require user pumpkin
In this directory, create a symbolic link to the program. You could copy the
file, but why waste disk space? The only files in this directory are the
.htaccess file and the symlink.
Lastly, you need to have the calling program point to the symlink, not the
original copy. Access to the symlink will be protected, but access to the
original will be unlimited. My sample script looks like this:
<INPUT TYPE="submit" VALUE="Search for a record in the database">
That's it. Give it a try (user pumpkin, password pie):