Q. How do I password protect a folder on the web server?

A. We offer two methods of password protecting a folder on www.sonoma.edu and www.students.sonoma.edu:

NOTE: By password protecting your folder, you are protecting all the documents which reside in that folder. Please note that on our server, it is not possible to password protect a single document. Protection must take place at the folder level.

passwords.txt

This method allows you to assign a username and password pair that must be entered to access files in the directory. Create a plain text file named passwords.txt and save it in the directory you wish to password protect. In the text file, type the username and password (separated by a single space) that will allow access to the directory. You can create multiple usernames and passwords as long as you separate them with a carriage return. Usernames and passwords are case sensitive. Usernames should not include # & ! @ , but can use any letters or numbers.

Example:

student beloved
CS101 yahoo

 

When someone tries to access a web page in this directory the browser will prompt for a username & password. If the user uses the username student and password beloved (or the username cs101 and password yahoo) the page will be displayed. If the user enters a username/password combination not included in the passwords.txt file, uses the wrong case, or mixes one username with another password (eg. CS101 and beloved) the server responds with an "unauthorized" page.

ldapuids.txt

This method is used when you want to use the university's LDAP server to authenticate users. Authorized users will enter their Seawolf username and password to access your site.

NOTE: When you link to a file in a directory protected with ldapuids.txt, you must begin the link URL with https (not http). This ensures the username and password are encrypted while traveling over the network.

Only users with a valid Seawolf (LDAP) username and password will be able to view files in the protected directory.

  1. Create a plain text file named "ldapuids.txt".
  2. Choose one or more of the options below to give users access to the directory.
    • To give access to a specific user, add that person's Seawolf (LDAP) username.
    • To give access to all the employees in a specific university department or division, add the CMS department code, beginning with an @. Note: this option is not available on www.students.sonoma.edu.
    • To give access to all the students in a class, add the the course ID, beginning with an &. Note: this option is not available on www.students.sonoma.edu.
  3. Save the ldapuids.txt file.
  4. Upload ldapuids.txt to the directory on www.sonoma.edu that you want to password protect.

Note: Do NOT include passwords in the ldapuids.txt file.

Examples

Here are some examples of the types of entries that can be made in the ldapuids.txt file.

smithja
Give access to the person who has the Seawolf (LDAP) ID smithja.
ANY
Give access to anyone with a current Seawolf (LDAP) ID account - students, staff and faculty, and consultants who've been given SSU LDAP accounts.
@0001
Give access to all SSU employees (including student assistants).
Departments use the CMS department code and begin with an @ . In the CMS org chart, all employees ultimately report to the university president, so using the President's Office department code, 0001, gives access to all employees.
&ENGL-101-001-09-SP
Give access to all students enrolled in the Spring English 101 section 1. Courses are in the format &department-coursenumber-sectionnumber-year-term. Years are always in 2-digit format: for example, 09 for 2009 or 10 for 2010. Terms are WI (winter), SP (spring), SU (summer) and FA (fall).
&ENGL-*
Using the * as a wildcard give all students taking an English class access.

You can give multiple groups and individuals access by including each on a separate line in the ldapuids.txt. The example below would give access to the individual user (mooreb), all employees in Instructional Technology Services (@3103), and all CS-101 students:

mooreb
@3103
&CS-101-*