diff options
Diffstat (limited to 'docs/manual/mod/mod_auth.html')
-rw-r--r-- | docs/manual/mod/mod_auth.html | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/docs/manual/mod/mod_auth.html b/docs/manual/mod/mod_auth.html index 9df287973a..a67342592f 100644 --- a/docs/manual/mod/mod_auth.html +++ b/docs/manual/mod/mod_auth.html @@ -2,7 +2,7 @@ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ---><title>mod_auth - Apache HTTP Server</title><link href="../style/manual.css" type="text/css" rel="stylesheet"/></head><body><blockquote><div align="center"><img alt="[APACHE DOCUMENTATION]" src="../images/sub.gif"/><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Apache Module mod_auth</h1><table cellspacing="1" cellpadding="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td valign="top"><span class="help">Description:</span></td><td>User authentication using text files</td></tr><tr><td><a href="module-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="module-dict.html#ModuleIdentifier" class="help">Module Identifier:</a></td><td>auth_module</td></tr></table></td></tr></table><h2>Summary</h2> +--><title>mod_auth - Apache HTTP Server</title><link rel="stylesheet" type="text/css" href="../style/manual.css"/></head><body><blockquote><div align="center"><img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]"/><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Apache Module mod_auth</h1><table bgcolor="#cccccc" cellpadding="0" cellspacing="1"><tr><td><table bgcolor="#ffffff"><tr><td valign="top"><span class="help">Description:</span></td><td>User authentication using text files</td></tr><tr><td><a class="help" href="module-dict.html#Status">Status:</a></td><td>Base</td></tr><tr><td><a class="help" href="module-dict.html#ModuleIdentifier">Module Identifier:</a></td><td>auth_module</td></tr></table></td></tr></table><h2>Summary</h2> <p>This module allows the use of HTTP Basic Authentication to restrict access by looking up users in plain text password and @@ -11,8 +11,8 @@ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Authentication is provided by <code><a href="mod_auth_digest.html">mod_auth_digest</a></code>.</p> -<h2>Directives</h2><ul><li><a href="#authauthoritative">AuthAuthoritative</a></li><li><a href="#authgroupfile">AuthGroupFile</a></li><li><a href="#authuserfile">AuthUserFile</a></li></ul><p><strong>See also </strong></p><ul><li><a href="core.html#require" class="directive"><code class="directive">Require</code></a></li><li><a href="core.html#satisfy" class="directive"><code class="directive">Satisfy</code></a></li><li><a href="core.html#authname" class="directive"><code class="directive">AuthName</code></a></li><li><a href="core.html#authtype" class="directive"><code class="directive">AuthType</code></a></li></ul><hr/><h2><a name="AuthAuthoritative">AuthAuthoritative</a> <a name="authauthoritative">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets whether authorization and authentication are -passed to lower level modules</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>AuthAuthoritative on|off</td></tr><tr><td><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>AuthAuthoritative on</code></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> +<h2>Directives</h2><ul><li><a href="#authauthoritative">AuthAuthoritative</a></li><li><a href="#authgroupfile">AuthGroupFile</a></li><li><a href="#authuserfile">AuthUserFile</a></li></ul><p><strong>See also </strong></p><ul><li><a class="directive" href="core.html#require"><code class="directive">Require</code></a></li><li><a class="directive" href="core.html#satisfy"><code class="directive">Satisfy</code></a></li><li><a class="directive" href="core.html#authname"><code class="directive">AuthName</code></a></li><li><a class="directive" href="core.html#authtype"><code class="directive">AuthType</code></a></li></ul><hr/><h2><a name="AuthAuthoritative">AuthAuthoritative</a> <a name="authauthoritative">Directive</a></h2><table bgcolor="#cccccc" border="0" cellspacing="0" cellpadding="1"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets whether authorization and authentication are +passed to lower level modules</td></tr><tr><td><a class="help" href="directive-dict.html#Syntax">Syntax:</a></td><td>AuthAuthoritative on|off</td></tr><tr><td><a class="help" href="directive-dict.html#Default">Default:</a></td><td><code>AuthAuthoritative on</code></td></tr><tr><td><a class="help" href="directive-dict.html#Context">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a class="help" href="directive-dict.html#Override">Override:</a></td><td>AuthConfig</td></tr><tr><td><a class="help" href="directive-dict.html#Status">Status:</a></td><td>Base</td></tr><tr><td><a class="help" href="directive-dict.html#Module">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> <blockquote><table><tr><td bgcolor="#e0e5f5">This information has not been updated for Apache 2.0, which uses a different system for module ordering.</td></tr></table></blockquote> @@ -28,7 +28,7 @@ uses a different system for module ordering.</td></tr></table></blockquote> an Authorization Required reply.</p> <p>So if a userID appears in the database of more than one module; - or if a valid <a href="core.html#require" class="directive"><code class="directive">Require</code></a> + or if a valid <a class="directive" href="core.html#require"><code class="directive">Require</code></a> directive applies to more than one module; then the first module will verify the credentials; and no access is passed on; regardless of the AuthAuthoritative setting.</p> @@ -38,7 +38,7 @@ uses a different system for module ordering.</td></tr></table></blockquote> <code>mod_auth_msql</code>, and <code><a href="mod_auth_anon.html">mod_auth_anon</a></code>. These modules supply the bulk of the user credential checking; but a few (administrator) related accesses fall through to a lower - level with a well protected <a href="#authuserfile" class="directive"><code class="directive">AuthUserFile</code></a>.</p> + level with a well protected <a class="directive" href="#authuserfile"><code class="directive">AuthUserFile</code></a>.</p> <p>By default; control is not passed on; and an unknown userID or rule will result in an Authorization Required reply. Not setting @@ -49,18 +49,18 @@ uses a different system for module ordering.</td></tr></table></blockquote> allowing a user to allow fall-through in his .htaccess file; and verify that this is really what you want; Generally it is easier to just secure a single .htpasswd file, than it is to secure a - database such as mSQL. Make sure that the <a href="#authuserfile" class="directive"><code class="directive">AuthUserFile</code></a> is stored outside the + database such as mSQL. Make sure that the <a class="directive" href="#authuserfile"><code class="directive">AuthUserFile</code></a> is stored outside the document tree of the web-server; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to - download the <a href="#authuserfile" class="directive"><code class="directive">AuthUserFile</code></a>. + download the <a class="directive" href="#authuserfile"><code class="directive">AuthUserFile</code></a>. </td></tr></table></blockquote> -<hr/><h2><a name="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets the name of a text file containing the list -of user groups for authentication</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>AuthGroupFile <em>file-path</em></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> +<hr/><h2><a name="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile">Directive</a></h2><table bgcolor="#cccccc" border="0" cellspacing="0" cellpadding="1"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets the name of a text file containing the list +of user groups for authentication</td></tr><tr><td><a class="help" href="directive-dict.html#Syntax">Syntax:</a></td><td>AuthGroupFile <em>file-path</em></td></tr><tr><td><a class="help" href="directive-dict.html#Context">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a class="help" href="directive-dict.html#Override">Override:</a></td><td>AuthConfig</td></tr><tr><td><a class="help" href="directive-dict.html#Status">Status:</a></td><td>Base</td></tr><tr><td><a class="help" href="directive-dict.html#Module">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> <p>The <code class="directive">AuthGroupFile</code> directive sets the name of a textual file containing the list of user groups for user authentication. <em>File-path</em> is the path to the group file. If it is not absolute (<em>i.e.</em>, if it doesn't begin - with a slash), it is treated as relative to the <a href="core.html#serverroot" class="directive"><code class="directive">ServerRoot</code></a>.</p> + with a slash), it is treated as relative to the <a class="directive" href="core.html#serverroot"><code class="directive">ServerRoot</code></a>.</p> <p>Each line of the group file contains a groupname followed by a colon, followed by the member usernames separated by spaces. @@ -69,7 +69,7 @@ of user groups for authentication</td></tr><tr><td><a href="directive-dict.html# <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>mygroup: bob joe anne</code></td></tr></table></blockquote> <p>Note that searching large text files is <em>very</em> - inefficient; <a href="mod_auth_dbm.html#authdbmgroupfile" class="directive"><code class="directive">AuthDBMGroupFile</code></a> should be used + inefficient; <a class="directive" href="mod_auth_dbm.html#authdbmgroupfile"><code class="directive">AuthDBMGroupFile</code></a> should be used instead.</p> <blockquote><table><tr><td bgcolor="#e0e5f5"><p align="center"><strong>Security</strong></p> @@ -78,13 +78,13 @@ of user groups for authentication</td></tr><tr><td><a href="directive-dict.html# the directory that it protects. Otherwise, clients will be able to download the AuthGroupFile.</p> </td></tr></table></blockquote> -<hr/><h2><a name="AuthUserFile">AuthUserFile</a> <a name="authuserfile">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets the name of a text file containing the list of users and -passwords for authentication</td></tr><tr><td><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>AuthUserFile <em>file-path</em></td></tr><tr><td><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Base</td></tr><tr><td><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> +<hr/><h2><a name="AuthUserFile">AuthUserFile</a> <a name="authuserfile">Directive</a></h2><table bgcolor="#cccccc" border="0" cellspacing="0" cellpadding="1"><tr><td><table bgcolor="#ffffff"><tr><td><strong>Description: </strong></td><td>Sets the name of a text file containing the list of users and +passwords for authentication</td></tr><tr><td><a class="help" href="directive-dict.html#Syntax">Syntax:</a></td><td>AuthUserFile <em>file-path</em></td></tr><tr><td><a class="help" href="directive-dict.html#Context">Context:</a></td><td>directory, .htaccess</td></tr><tr><td><a class="help" href="directive-dict.html#Override">Override:</a></td><td>AuthConfig</td></tr><tr><td><a class="help" href="directive-dict.html#Status">Status:</a></td><td>Base</td></tr><tr><td><a class="help" href="directive-dict.html#Module">Module:</a></td><td>mod_auth</td></tr></table></td></tr></table> <p>The <code class="directive">AuthUserFile</code> directive sets the name of a textual file containing the list of users and passwords for user authentication. <em>File-path</em> is the path to the user file. If it is not absolute (<em>i.e.</em>, if it doesn't begin - with a slash), it is treated as relative to the <a href="core.html#serverroot" class="directive"><code class="directive">ServerRoot</code></a>.</p> + with a slash), it is treated as relative to the <a class="directive" href="core.html#serverroot"><code class="directive">ServerRoot</code></a>.</p> <p>Each line of the user file file contains a username followed by a colon, followed by the <code>crypt()</code> encrypted @@ -105,7 +105,7 @@ passwords for authentication</td></tr><tr><td><a href="directive-dict.html#Synta <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>htpasswd Filename username2</code></td></tr></table></blockquote> <p>Note that searching large text files is <em>very</em> - inefficient; <a href="mod_auth_dbm.html#authdbmuserfile" class="directive"><code class="directive">AuthDBMUserFile</code></a> should be used + inefficient; <a class="directive" href="mod_auth_dbm.html#authdbmuserfile"><code class="directive">AuthDBMUserFile</code></a> should be used instead.</p> <blockquote><table><tr><td bgcolor="#e0e5f5"><p align="center"><strong>Security</strong></p><p>Make sure that the AuthUserFile is @@ -113,4 +113,4 @@ stored outside the document tree of the web-server; do <em>not</em> put it in the directory that it protects. Otherwise, clients will be able to download the AuthUserFile.</p></td></tr></table></blockquote> -<hr/><h3 align="center">Apache HTTP Server Version 2.0</h3><a href="./"><img alt="Index" src="../images/index.gif"/></a><a href="../"><img alt="Home" src="../images/home.gif"/></a></blockquote></body></html>
\ No newline at end of file +<hr/><h3 align="center">Apache HTTP Server Version 2.0</h3><a href="./"><img src="../images/index.gif" alt="Index"/></a><a href="../"><img src="../images/home.gif" alt="Home"/></a></blockquote></body></html>
\ No newline at end of file |