面試中問到這個問題,之前做過tomcat的登陸認證,nginx如下:
-- 使用模塊:
ngx_http_auth_basic_module :實現讓用戶只有輸入正確的用戶名密碼才允許訪問web內容
-- 安裝httpd工具:
yum -y install httpd
-- 用命令htpasswd生成密碼文件:-c指定密碼文件,后面自定義登陸的用戶名
htpasswd -c /etc/nginx/passwd nginxuser
--配置nginx:
配置文件server內新增加如下兩行:
auth_basic "Please input password"; #這里是驗證時的提示信息 auth_basic_user_file /etc/nginx/passwd;
nginx -t #驗證配置OK
service nginx restart #重啟生效
--附htpasswd命令:
Usage:
htpasswd [-cimBdpsDv] [-C cost] passwordfile username
htpasswd -b[cmBdpsDv] [-C cost] passwordfile username password
htpasswd -n[imBdps] [-C cost] username
htpasswd -nb[mBdps] [-C cost] username password
-c Create a new file.
-n Don't update file; display results on stdout.
-b Use the password from the command line rather than prompting for it.
-i Read password from stdin without verification (for script usage).
-m Force MD5 encryption of the password (default).
-B Force bcrypt encryption of the password (very secure).
-C Set the computing time used for the bcrypt algorithm
(higher is more secure but slower, default: 5, valid: 4 to 31).
-d Force CRYPT encryption of the password (8 chars max, insecure).
-s Force SHA encryption of the password (insecure).
-p Do not encrypt the password (plaintext, insecure).
-D Delete the specified user.
-v Verify password for the specified user.
On other systems than Windows and NetWare the '-p' flag will probably not work.
The SHA algorithm does not use a salt and is less secure than the MD5 algorithm.