Using Duke Webauth

Using Duke Webauth

Department users can use Webauth authentication to control access to material on the web to the Duke community based on their Duke NetID. Webauth is now deprecated in favor of Shibboleth.

Setting up a basic Webauth page is very simple and can be done using .htaccess files. In the directory requiring authentication, create an .htaccess file with the following contents:

AuthType webauth
WebauthEnable
WebauthConfig /usr/project/httpd/web-docs/csl/webauth/webauth-wat.xml
Require user fred jrt34 mary

This file will grant access only to users whose Duke NetIDs are fred, jrt34, or mary. If you wish to allow access to any valid Duke user, change the last line as shown in this example:

AuthType webauth
WebauthEnable
WebauthConfig /usr/project/httpd/web-docs/csl/webauth/webauth-wat.xml
Require valid-user

For users who wish to provide more detailed access, Webauth will return the user's NetID in the $_SERVER['REMOTE_USER'] variable. This can be used in custom web code to provide whatever level of access is desired.

If you have any questions about how to implement this, please contact the Lab Staff for more details.