Configuring AVAA Server authentication

AVAA offers several authentication methods, though only one can be selected for login.

No authentication

The server can be let open to everyone, only a username will be required to log in.

<SERVER>
    <LOGIN type="free" greet="Enter your name to continue" />
</SERVER>

JSON files authentication

Manage users via simple JSON files

<SERVER>
    <LOGIN type="json-files" path="./users" hash="SHA-512" greet="Please login to continue" />
</SERVER>

In the avaa-toolkit/users/ directory, add {userid}.json files for each user:

avaa-toolkit/users/test.json

{
    "name":"The Test User",
    "pass":"ee26b0dd4af7e749aa1a8ee3c10ae9923..."
}

HTPASSWD authentication

Manage users via htpasswd utility (can be shared with apache WebDAV auth)

<SERVER>
    <LOGIN type="htpasswd" path="/usr/local/apache2/webdav.passwords" greet="Please login to continue" />
</SERVER>

Database authentication

Manage users via MongoDB, this is the recommended way as it will unlock all database related features, and also automatically maintain a htpasswd file for WebDAV access.

This is currently the only authentication method supporting users management from the editor.

<SERVER>
    <LOGIN type="db" greet="Please login to continue" />
</SERVER>