diff options
author | Ken Coar <coar@apache.org> | 1998-01-26 16:54:35 +0000 |
---|---|---|
committer | Ken Coar <coar@apache.org> | 1998-01-26 16:54:35 +0000 |
commit | 07050bb5be522bbf66bb8f053b53beefa295ee68 (patch) | |
tree | 36dd2244794bae73e5e368d95eb4dcdb53687cb1 /docs/manual/mod/mod_auth.html | |
parent | bbc3f6d277e3b53cc23ebd07663087dba79ef941 (diff) | |
download | httpd-07050bb5be522bbf66bb8f053b53beefa295ee68.tar.gz |
A truly mighty mod normalising HTML tags to uppercase, and
'i' and 'b' to 'EM' and 'STRONG' respectively. Been threatening
to do this for months.. no-one need try to maintain this when
writing/modifiying the docs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@80021 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/mod/mod_auth.html')
-rw-r--r-- | docs/manual/mod/mod_auth.html | 110 |
1 files changed, 55 insertions, 55 deletions
diff --git a/docs/manual/mod/mod_auth.html b/docs/manual/mod/mod_auth.html index c0286fe395..eb006f4837 100644 --- a/docs/manual/mod/mod_auth.html +++ b/docs/manual/mod/mod_auth.html @@ -14,136 +14,136 @@ > <!--#include virtual="header.html" --> -<H1 ALIGN="CENTER">Module mod_auth</h1> +<H1 ALIGN="CENTER">Module mod_auth</H1> -This module is contained in the <code>mod_auth.c</code> file, and +This module is contained in the <CODE>mod_auth.c</CODE> file, and is compiled in by default. It provides for user authentication using textual files. -<menu> -<li><A HREF="#authgroupfile">AuthGroupFile</A> -<li><A HREF="#authuserfile">AuthUserFile</A> -<li><A HREF="#authauthoritative">AuthAuthoritative</A> -</menu> -<hr> +<MENU> +<LI><A HREF="#authgroupfile">AuthGroupFile</A> +<LI><A HREF="#authuserfile">AuthUserFile</A> +<LI><A HREF="#authauthoritative">AuthAuthoritative</A> +</MENU> +<HR> <A name="authgroupfile"><h2>AuthGroupFile</h2></A> <!--%plaintext <?INDEX {\tt AuthGroupFile} directive> --> -<strong>Syntax:</strong> AuthGroupFile <em>filename</em><br> -<Strong>Context:</strong> directory, .htaccess<br> -<Strong>Override:</strong> AuthConfig<br> -<strong>Status:</strong> Base<br> -<strong>Module:</strong> mod_auth<p> +<STRONG>Syntax:</STRONG> AuthGroupFile <EM>filename</EM><BR> +<Strong>Context:</STRONG> directory, .htaccess<BR> +<Strong>Override:</STRONG> AuthConfig<BR> +<STRONG>Status:</STRONG> Base<BR> +<STRONG>Module:</STRONG> mod_auth<P> The AuthGroupFile directive sets the name of a textual file containing the list -of user groups for user authentication. <em>Filename</em> is the path +of user groups for user authentication. <EM>Filename</EM> is the path to the group file. If it is not absolute (<EM>i.e.</EM>, if it doesn't begin with a slash), it is treated as relative to the ServerRoot. <P> Each line of the group file contains a groupname followed by a colon, followed by the member usernames separated by spaces. Example: -<blockquote><code>mygroup: bob joe anne</code></blockquote> -Note that searching large text files is <em>very</em> inefficient; +<BLOCKQUOTE><CODE>mygroup: bob joe anne</CODE></BLOCKQUOTE> +Note that searching large text files is <EM>very</EM> inefficient; <A HREF="mod_auth_dbm.html#authdbmgroupfile">AuthDBMGroupFile</A> should -be used instead.<p> +be used instead.<P> Security: make sure that the AuthGroupFile is stored outside the -document tree of the web-server; do <em>not</em> put it in the directory that -it protects. Otherwise, clients will be able to download the AuthGroupFile.<p> +document tree of the web-server; do <EM>not</EM> put it in the directory that +it protects. Otherwise, clients will be able to download the AuthGroupFile.<P> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and -<A HREF="#authuserfile">AuthUserFile</A>.<p><hr> +<A HREF="#authuserfile">AuthUserFile</A>.<P><HR> <A name="authuserfile"><h2>AuthUserFile</h2></A> <!--%plaintext <?INDEX {\tt AuthUserFile} directive> --> -<strong>Syntax:</strong> AuthUserFile <em>filename</em><br> -<Strong>Context:</strong> directory, .htaccess<br> -<Strong>Override:</strong> AuthConfig<br> -<strong>Status:</strong> Base<br> -<strong>Module:</strong> mod_auth<p> +<STRONG>Syntax:</STRONG> AuthUserFile <EM>filename</EM><BR> +<Strong>Context:</STRONG> directory, .htaccess<BR> +<Strong>Override:</STRONG> AuthConfig<BR> +<STRONG>Status:</STRONG> Base<BR> +<STRONG>Module:</STRONG> mod_auth<P> The AuthUserFile directive sets the name of a textual file containing the list of users and passwords for user -authentication. <em>Filename</em> is the path to the user +authentication. <EM>Filename</EM> is the path to the user file. If it is not absolute (<EM>i.e.</EM>, if it doesn't begin with a slash), it is treated as relative to the ServerRoot. -<p> Each line of the user file file contains a username followed +<P> Each line of the user file file contains a username followed by a colon, followed by the crypt() encrypted password. The behavior of multiple occurrences of the same user is undefined. -<p> Note that +<P> Note that searching large text files is <EM>very</EM> inefficient; <A HREF="mod_auth_dbm.html#authdbmuserfile">AuthDBMUserFile</A> should be used instead. -<p> +<P> Security: make sure that the AuthUserFile is stored outside the -document tree of the web-server; do <em>not</em> put it in the directory that -it protects. Otherwise, clients will be able to download the AuthUserFile.<p> +document tree of the web-server; do <EM>not</EM> put it in the directory that +it protects. Otherwise, clients will be able to download the AuthUserFile.<P> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and -<A HREF="#authgroupfile">AuthGroupFile</A>.<p> -<hr> +<A HREF="#authgroupfile">AuthGroupFile</A>.<P> +<HR> <A name="authauthoritative"><h2>AuthAuthoritative</h2></A> <!--%plaintext <?INDEX {\tt AuthAuthoritative} directive> --> -<strong>Syntax:</strong> AuthAuthoritative < <strong> on</strong>(default) | off > <br> -<Strong>Context:</strong> directory, .htaccess<br> -<Strong>Override:</strong> AuthConfig<br> -<strong>Status:</strong> Base<br> -<strong>Module:</strong> mod_auth<p> +<STRONG>Syntax:</STRONG> AuthAuthoritative < <STRONG> on</STRONG>(default) | off > <BR> +<Strong>Context:</STRONG> directory, .htaccess<BR> +<Strong>Override:</STRONG> AuthConfig<BR> +<STRONG>Status:</STRONG> Base<BR> +<STRONG>Module:</STRONG> mod_auth<P> -Setting the AuthAuthoritative directive explicitly to <b>'off'</b> +Setting the AuthAuthoritative directive explicitly to <STRONG>'off'</STRONG> allows for both authentication and authorization to be passed on to -lower level modules (as defined in the <code>Configuration</code> and -<code>modules.c</code> files) if there is <b>no userID</b> or -<b>rule</b> matching the supplied userID. If there is a userID and/or +lower level modules (as defined in the <CODE>Configuration</CODE> and +<CODE>modules.c</CODE> files) if there is <STRONG>no userID</STRONG> or +<STRONG>rule</STRONG> matching the supplied userID. If there is a userID and/or rule specified; the usual password and access checks will be applied and a failure will give an Authorization Required reply. -<p> +<P> So if a userID appears in the database of more than one module; or if a valid require directive applies to more than one module; then the first module will verify the credentials; and no access is passed on; regardless of the AuthAuthoritative setting. -<p> +<P> A common use for this is in conjunction with one of the database -modules; such as <a -href="mod_auth_db.html"><code>mod_auth_db.c</code></a>, <a -href="mod_auth_dbm.html"><code>mod_auth_dbm.c</code></a>, -<code>mod_auth_msql.c</code>, and <a -href="mod_auth_anon.html"><code>mod_auth_anon.c</code></a>. These modules +modules; such as <A +HREF="mod_auth_db.html"><CODE>mod_auth_db.c</CODE></A>, <A +HREF="mod_auth_dbm.html"><CODE>mod_auth_dbm.c</CODE></A>, +<CODE>mod_auth_msql.c</CODE>, and <A +HREF="mod_auth_anon.html"><CODE>mod_auth_anon.c</CODE></A>. These modules supply the bulk of the user credential checking; but a few (administrator) related accesses fall through to a lower level with a well protected AuthUserFile. -<p> +<P> -<b>Default:</b> By default; control is not passed on; and an unknown +<STRONG>Default:</STRONG> By default; control is not passed on; and an unknown userID or rule will result in an Authorization Required reply. Not setting it thus keeps the system secure; and forces an NSCA compliant behaviour. -<p> +<P> Security: Do consider the implications of allowing a user to allow fall-through in his .htaccess file; and verify that this is really what you want; Generally it is easier to just secure a single .htpasswd file, than it is to secure a database such as mSQL. Make sure that the AuthUserFile is stored outside the document tree of the -web-server; do <em>not</em> put it in the directory that it +web-server; do <EM>not</EM> put it in the directory that it protects. Otherwise, clients will be able to download the AuthUserFile. -<p> +<P> See also <A HREF="core.html#authname">AuthName</A>, <A HREF="core.html#authtype">AuthType</A> and -<A HREF="#authgroupfile">AuthGroupFile</A>.<p> +<A HREF="#authgroupfile">AuthGroupFile</A>.<P> <!--#include virtual="footer.html" --> </BODY> |