Switch to the folder:
/etc/apache2/sites-available
Open your website's configuration file, e.g. acme.org
<VirtualHost *:80> ServerAdmin webmaster@acme.org ServerName acme.org # Indexes + Directory Root. DirectoryIndex index.html DocumentRoot /var/www/acme.org # Logfiles ErrorLog /var/www/acme.org/logs/error.log CustomLog /var/www/acme.org/logs/access.log combined </VirtualHost> |
Insert the following directives:
<VirtualHost *:80> ServerAdmin webmaster@acme.org ServerName acme.org # Indexes + Directory Root. DirectoryIndex index.html DocumentRoot /var/www/acme.org # This is a server-wide configuration that will add information from the Mellon session to all requests. <Location /> # Add information from the auth_mellon session to the request. MellonEnable "info" # Configure the SP metadata # These should be the 3 files which were created when creating SP metadata. MellonSPPrivateKeyFile /etc/apache2/mellon/http_acme.org_apache.key MellonSPCertFile /etc/apache2/mellon/http_acme.org_apache.cert MellonSPMetadataFile /etc/apache2/mellon/http_acme.org_apache.xml # IdP metadata. This should be the metadata file you downloaded from the IdP. MellonIdPMetadataFile /etc/apache2/mellon/DualShield-Metadata.xml # The location all endpoints should be located under. # It is the URL to this location that is used as the second parameter to the metadata generation script. # This path is relative to the root of the web server. MellonEndpointPath /mellon </Location> # This is a location that will trigger authentication when requested. <Location /mfa> # This location will trigger an authentication request to the IdP. MellonEnable "auth" </Location> |
# Logfiles ErrorLog /var/www/acme.org/logs/error.log CustomLog /var/www/acme.org/logs/access.log combined </VirtualHost> |
We assume that the access to resources in the folder "mfa" requires user authentication.
Restart the Apache server: sudo service apache2 restart
Now, your website is protected by multi-factor authentication.