Warden 1.44

Last Updated: April 2012

Copyright 2005-2012 Fresh Software LLC


Note: This documentation is constantly evolving. Please contact Fresh Software with any bugs, suggestions, questions, etc.

Contents

What Is Warden?
WebServer Requirements
How to Use Warden
    Step 1 - Edit Users (Create, Edit, Manage your User List)
    Step 2 - Enter Website/FTP Settings        PathFinder Wizard
    Step 3 - Apply to Website

    Searching For Users
    Emailing Users

    Web-Form Based Log-In

Options
Contact Fresh Software

 


What Is Warden?

Warden is a website user-manager and .htpasswd generator. It controls access to any webpage running Apache in three quick steps and is currently in development.  We're going to do a public beta test running up to the full release of the program, more information will be posted soon.

Do you run your own website?  Want to apply password protection to one or more webpages?  Fresh Software's Warden project will make it a snap to manage web accounts for multiple users.  Add new accounts in seconds, suspend them in a single click, or send email to one or many users from within the program.  If you don't like making .htpasswd and .htaccess files the old fashioned way,  try it the Fresh Software way.

 

 


WebServer Requirements

Warden password-protects  Apache & Apache compatible web servers.   Your webserver should support the .htpasswd and .htaccess standards outlined by Apache:

   Turn on mod_auth

Locate your httpd.conf file (usually in \conf\)  and make sure the following line is not commented out with a #:

LoadModule auth_module modules/mod_auth.so

   Turn on AllowOverride

The AllowOverride directive tells Apache that authentication settings (including usernames, passwords, etc) can be specified for individual directories (folders). There should be a line in your httpd.conf file that reads:

AllowOverride AuthConfig

If there is already a line that reads AllowOverride All , leave it be.

   For more information on Apache authentication:

Apache Website

Apache Tutorial: Authentication, Authorization and Access Control (2.2)  (2.0)  (1.3)

Apache Tutorial: htaccess files (2.2)   (2.0)   (1.3)

Apache Manual: htpasswd (2.2)  (2.0)   (1.3

 


How to Use Warden

The program is broken down into three steps.

Step 1 - Edit Users (Create and Edit your User List)

The first step in the process is to specify who you want to have access to your protected resource (Warden first starts with a blank project that contains no users)

Create a list of users who you want to have access to the webpage. Click the "Add New User" button to add a new user.
 


To add a new user, click the Add New User button.  The Add/Edit user dialog comes up.

Enter a username and password for the account. These two fields are always required. 

     Click the button to generate a random password as specified under Options

Optionally, you can enter in the Name and Email address of the user, along with any notes.

 

By default, the user's account will be enabled.
If you want to create the account but leave it disabled, uncheck the Account Enabled checkbox. You can activate the account later.

The user now appears in the list.

 

To add more users, repeat the step above by clicking the Add New User button.

To change the details of any existing user, select the user and click the Edit User button. Or, just double-click the user.

To toggle account access on or off, check or uncheck the box under the Access column.

To remove a user permanently, select a user and click the Delete User button.

 

Tip

In the Edit Users step, you can also search for specific users and/or send them an email. 
See Searching For Users and Emailing Users.

 


Click Next to advance to the FTP information page.

 

Step 2 - Website/FTP Settings

Next, enter in details for your Website's FTP server so that Warden can log in and protect your web folder.

If you think there is a better way to describe the following, please email

Name of Resource:   Enter in the name of the resource to protect. It will appear in the password dialog box when users browser to the URL.
URL of Resource:   Optionally, enter in the URL to the resource, so you can browse to it from Warden.
FTP Server:   Enter in the hostname or IP address of your FTP server.  Often in the form of ftp.website.com
FTP Username:   Enter in the FTP username used to access your website
FTP Password:   Enter in the FTP password that goes with the username.
Full Host Path to Dir:   Enter in the full server path to your home directory, where you go after logging in to your FTP server.   Example:

/home/httpd/vhosts/mydomain.com/

If you don't know your Full Host path to your home directory, contact your network administrator or your web host provider, or use the pathfinder wizard.
 
FTP Path to folder:   Enter in the path of the folder you wish to protect.  This may look something like

/httpdocs/myfolder/

      or

/public_html/members/

If you don't know your FTP Path to folder, contact your network administrator or your web host provider, or use the pathfinder wizard.

 

     
     


 

 

 

 

Browser Authentication Windows


Authentication Dialog on Internet Explorer 6.0

 


Authentication Dialog on Firefox 1.5



 

 

Click Next to advance to the Action page.

 

Step 3 - Apply to Website


After you have edited your user list and FTP information, click Save Settings & Project to save your project to a file that you can access later.

 Click Apply to Website to log in to your FTP server and apply password protection.


Optionally, you can click Export files to folder to create a .htaccess and .htpasswd file. You can then upload these files to your web server manually.
 

Generate wardenlogon.php creates a PHP file which can be used in Web Form logins.



FTP Upload Status

This step shows the progress of the FTP transactions to apply password protection to your website. If you entered in incorrect information, an error may appear here.


 

 

 


Searching for Users

If you are managing a large user list, you may find yourself in a situation where you need to locate a particular user.  Warden's search function makes this easy, just click the Search button .


Warden Search Mode

In the column you want to search, type in what you want to search for.  For example, to find people whose Real Name contains "An" , type in "An" under the Real Name field.

 


Warden Search Mode:  Type in what you want to look for

The results are shown in the window.  Click the Search button again to stop searching.

 

 


Sending Email To Users

Warden provides built-in email capabilities.  You can send an emails out to invidual users, all enabled users, all disabled users, and all users.

To access the email tool, click the user you would like to send an email to and then click the Send Email button on the toolbar. 


Send Email Window

The Send Email window appears.  Under Email Message, select who the message should go to.  If you selected a user first, their email will appear in the To: field.  You can also send email to three groups of users:

All Users -- Email is sent to everybody in the project's user list.

All Enabled Users -- Email is sent only to users with active accounts.

All Disabled Users -- Email is sent only to users with inactive (disabled) accounts.

Enter in the subject of the email and then the message itself.  In the email body, certain key words surrounded by percent signs % will be replaced with different text.  For example, the word %PASSWORD% will be replaced with the user's password before the email is actually sent.

String Replaced With
%USERNAME% Username
%PASSWORD% Password
%REALNAME% Real Name
%EMAIL% User's Email address
%NOTES% The notes you have on file for the user
%ACCOUNTSTATUS% "Enabled" for enabled accounts, "Disabled" for disabled accounts

IMPORTANT!  Before outgoing emails can be sent, you must enter in information for your outgoing mail server, including the address of the server and authentication information (username & password) if it is required to send mail.  Usually these details are provided by your ISP.   To enter in this information, Click Options and then Email, and look under the Email SMTP Server section.

 

 

 


Web-Form based Log-Ins

If you would like to use a web form to log in users to a protected resource, check the Generate wardenlogon.php setting in options.

When you apply warden protection to your website in Step 3, wardenlogon.php will be generated in your Application Data folder (the folder is shown on the confirmation page).

This can also be done manually by the button on the confirmation page.

Upload this file to your web server, and have your web-form post "user" and "pass" variables to it. The script will then log in with .htaccess authentication to your protected resource.

 

Here is a basic example:

1: <form method="POST" action="http://www.myserver.com/script/wardenlogon.php">
2: 	<p>Username: <input type="text" name="user"></p>
3: 	<p>Password: <input type="password" name="pass"></p>
4: 	<p><input type="submit" value="Log In" name="B1"></p>
5: </form>

 

 


 


Options



To change options, click the Options button at the top of the main window.





 

 

Confirm on Exit When checked, Warden asks for confirmation before exiting the program.
Check for Updates on Start Up When checked, Warden will query FreshSoftware.com to see if there is a newer version of the program available.
Make FTP directory if it doesn't exist When checked, Warden will create the protected directory on your web server, if it doesn't already exist.
Make new user accounts enabled by default When checked, new accounts added in Warden will have access to the protected resource. When unchecked, the account will not have access unless you check a box in the User Editor.

 

The email server page contains the settings necessary for Warden to send email messages.
If you don't know this information off-hand, consult your Internet Service Provider, or your network administrator.

SMTP Server The hostname or IP address of your SMTP mail server.
Port The port used to connect to your SMTP server. Usually, this is Port 25.
SMTP Username The username used to authenticate the sending of mail, if required by your mail server.
SMTP Password The password associated with the username, if one is required.
From Name When a user receives an email from Warden, this is the name it will appear to come from.
From Email When a user receives an email from Warden, this is the email address it will appear to come from.

 

Default email subject The subject on the sent email message, if a different one is not specified.
Default email message to send The standard email message that will be sent, if a different one is not specifed.

 

This page handles how random passwords are generated.

 

This page configures the Warden Web Server, which may be used for two things:

 1) A remote project/user editor (works great on Android and iOS)

 2) As a back-end tool to automate account management tasks from your web site.

 

To set up Warden Mobile, enter a server port, and an authorization key. If you're behind a router, you'll need to set up port-forwarding, and if you have a dynamic IP, you'll want to look into  a dynamic DNS service to route requests to your IP.  If that is set up, you can start the mobile manager from this address:

     http://YOUR_IP_ADDRESS:PORT/manager?authkey=AUTHKEY

 

Warden Server supports three back-end commands:

 

Send Password  : Mail the account password to a certain user (handy for retrieving forgotton passwords)

Add Account : Adds a new account to Warden, for access to your protected resource, and syncs with your web site.

Update User: Change user information (such as resetting password, or enabling/disabling accout access)

    

These commands can be used by creating a script on your website which accesses them.  For best results, you will need to have a static IP address associated with the computer on which Warden is running.  If you can not obtain a static IP address, you may use

 

Enable Server When checked, the web server is active and listens for requests from your webpage (or other web pages)
Port The port that Warden will listen on for connections.
Authorization Key A private code needed to access the Warden Server
Enable Password mailing When checked, the Warden Web server will remind users of their account information when it receives a properly formatted "sendpassword" request.
Email message body The email message which will be sent to the user when Warden receives a "sendpassword" request.
Enable Add Account Turns on the "Add Account" back-end command.
Enable Update User Turns on the "Update User" back-end command.
   

 

 

 

 

 

 

The Warden Path Finder Wizard

The Warden Path Finder Wizard is used to help you figure out your Home Directory (also known as "Full Host Path to Dir") and the relative path to the protected resource. It automates the diagnostic process previously outlined on this web page.

 

Enter the information required to connect to your FTP server.  This information is automatically filled in from Step 2 in the main Warden screen.  Click Connect to proceed.

 

Select the folder that corresponds to the main ("root") folder of your website, and click Select.   If the directories you see listed match up with the subdirectories under your root web folder, your FTP server has probably taken you to the root web folder automatically after logging in.  In this case, click I think I am already there.

 

 

Warden will run some test scripts on your website to determine the "full" path of where the script was executed.  Select the one that looks most like a file path, or directory.  These will usually look like  /home/blah/blah.  In the example above, both the Perl and PHP tests have run successfully.  Click Use This next to the result that looks most correct to you.

 

In the final step, the Path Finder Wizard will attempt to deduct your Home Directory, and the relative path to the resource that you wish to protect.  Click Accept these values to return to the main Warden Wizard, using these values.  Click Cancel if something looks grossly incorrect, or to keep the values you already filled in prior to starting the Path Finger wizard.

If the Path Finder Wizard does not work for you, you can try to deduct the Home Directory and Relative Path information by following the guide on this page.

If you are still not having success, you may email the author of the program for additional help.  Save your project in Warden and email the .FUF file as an attatchment. I will attempt to fix any incorrect information, it and email you back a new file with the corrections.  To do this, I will need your consent to log on to your FTP server.

 

 

Frequently Asked Questions

Can Warden use SFTP?

Currently, SFTP is not supported.  However, there is a workaround. You can click "Export files to Folder" under Step 4 to save the htaccess and htpasswd files to your hard drive, and them upload them to your server using an SFTP client such as WinSCP.

I cannot get Warden to work on my webserver. It seems to connect fine, but the password protection is not working.

First, please make sure that your webserver is running Apache.  Click the Tools menu and choose Get Information on web server.  Enter in the URL to your website, click OK, and make sure that the information returned contains the word Apache.

On the Path Finder wizard, the results of the Perl/PHP tests are not returning any useful information.

As above, please use the Get Information on web server tool to verify that you have Perl and/or PHP extensions installed on your web server.  Look for the words Perl and/or PHP in the returned information.

Is there any way of export the Warden file to a text file or other format that then can be imported?

Currently no, but this feature is planned.

I'm trying to open a project file, but get: Access violation at address 00516BE0 in module "warden.exe". Read of address 00000000.

This bug was resolved as of version 1.32.  If you still get an Access violation error, please email me the exact contents of the message, the conditions that generated the error (what you were doing and what you did prior to the error), and the version of Warden that you are using.

I am trying to find a single access point solution that clients complete ID and password and it directs them to their repective employee benefit portal/file. Right now I have to list clients on client login page and they click to gain access with unique ID and password. I want to eliminate listing them like this on my website.

Currently, Warden does not do this.

It would be nice that you could add different directories protection per user. Kind of relationship between users and several directories. Is this possible?

Warden's project files are currently focused on one directory at a time.  What you can do is save the project with a new name, and change the directory information in the new project file. 

 

 

 

 

Contact Fresh Software
 

Web: http://www.freshsoftware.com
Email:
Snail Mail: Fresh Software LLC
519  Erin St.
Eau Claire, WI 54703
USA
 
AIM: FreshSoft (good for quick questions)
Fax: 206-203-2739 [Attention: Drew Niese]
Its suggested you send an email to let us know a fax is coming.
Phone: If you require phone support, you can call Drew at (877) 838-6565 Monday to Friday 10am-6pm CST.

If the number does not work, his cell is 715-570-5076.