www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-01 07:26:57 +03:00
Code Activity

update transformation

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97825 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
André Malo
2002-12-09 22:27:16 +00:00
parent 2c46e908a1
commit f22c611ab1
15 changed files with 527 additions and 372 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/manual/mod/directives.html.en
View File

@ -45,7 +45,6 @@
<li><a href="mod_proxy.html#allowconnect">AllowCONNECT</a></li>
<li><a href="core.html#allowoverride">AllowOverride</a></li>
<li><a href="mod_authn_anon.html#anonymous">Anonymous</a></li>
<li><a href="mod_authn_anon.html#anonymous_authoritative">Anonymous_Authoritative</a></li>
<li><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail</a></li>
<li><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li>
<li><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID</a></li>
@ -56,14 +55,15 @@
<li><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></li>
<li><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType</a></li>
<li><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></li>
<li><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
<li><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain</a></li>
<li><a href="mod_auth_digest.html#authdigestfile">AuthDigestFile</a></li>
<li><a href="mod_auth_digest.html#authdigestgroupfile">AuthDigestGroupFile</a></li>
<li><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
<li><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></li>
<li><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop</a></li>
<li><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize</a></li>
<li><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></li>
<li><a href="mod_auth_ldap.html#authldapauthoritative">AuthLDAPAuthoritative</a></li>
<li><a href="mod_auth_ldap.html#authldapbinddn">AuthLDAPBindDN</a></li>
@ -82,7 +82,9 @@
<li><a href="mod_authn_file.html#authuserfile">AuthUserFile</a></li>
<li><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative</a></li>
<li><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType</a></li>
<li><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
<li><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative</a></li>
<li><a href="mod_authz_user.html#authzuserauthoritative">AuthzUserAuthoritative</a></li>
<li><a href="mod_setenvif.html#browsermatch" id="B" name="B">BrowserMatch</a></li>
<li><a href="mod_setenvif.html#browsermatchnocase">BrowserMatchNoCase</a></li>
<li><a href="mod_cache.html#cachedefaultexpire" id="C" name="C">CacheDefaultExpire</a></li>

3
docs/manual/mod/index.html.en
View File

@ -39,11 +39,14 @@ for HTTP Basic authentication.</dd>
<dt><a href="mod_authn_anon.html">mod_authn_anon</a></dt><dd>Allows "anonymous" user access to authenticated
areas</dd>
<dt><a href="mod_authn_dbm.html">mod_authn_dbm</a></dt><dd>User authentication using DBM files</dd>
<dt><a href="mod_authn_default.html">mod_authn_default</a></dt><dd>Authentication fallback module</dd>
<dt><a href="mod_authn_file.html">mod_authn_file</a></dt><dd>User authentication using text files</dd>
<dt><a href="mod_authz_dbm.html">mod_authz_dbm</a></dt><dd>Group authorization using DBM files</dd>
<dt><a href="mod_authz_default.html">mod_authz_default</a></dt><dd>Authorization fallback module</dd>
<dt><a href="mod_authz_groupfile.html">mod_authz_groupfile</a></dt><dd>Group authorization using plaintext files</dd>
<dt><a href="mod_authz_host.html">mod_authz_host</a></dt><dd>Group authorizations based on host (name or IP
address)</dd>
<dt><a href="mod_authz_user.html">mod_authz_user</a></dt><dd>User Authorization</dd>
<dt><a href="mod_autoindex.html">mod_autoindex</a></dt><dd>Generates directory indexes,
automatically, similar to the Unix <code>ls</code> command or the
Win32 <code>dir</code> shell command</dd>

52
docs/manual/mod/mod_auth_basic.html.en
View File

@ -10,30 +10,27 @@
</a></th><td>auth_basic_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_auth_basic.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module allows the use of HTTP Basic Authentication to
restrict access by looking up users in the given providers.
HTTP Digest Authentication is provided by
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authbasicauthoritative">AuthBasicAuthoritative</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authbasicprovider">AuthBasicProvider</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authorization and authentication are
passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthBasicAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthBasicAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>Sets whether authorization and authentication are passed to
lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthBasicAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthBasicAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_basic</td></tr></table>
<p>Setting the <code class="directive">AuthBasicAuthoritative</code> directive
explicitly to <strong>'off'</strong> allows for both
explicitly to <code>Off</code> allows for both
authentication and authorization to be passed on to lower level
modules (as defined in the <code>Configuration</code> and
<code>modules.c</code> files) if there is <strong>no
userID</strong> or <strong>rule</strong> matching the supplied
userID. If there is a userID and/or rule specified; the usual
modules (as defined in the <code>modules.c</code> files) if there is
<strong>no userID</strong> or <strong>rule</strong> matching the
supplied userID. If there is a userID and/or rule specified, the usual
password and access checks will be applied and a failure will give
an Authorization Required reply.</p>
@ -43,22 +40,39 @@ passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Synt
will verify the credentials; and no access is passed on;
regardless of the AuthAuthoritative setting.</p>
<p>By default; control is not passed on; and an unknown userID or
<p>By default control is not passed on and an unknown userID or
rule will result in an Authorization Required reply. Not setting
it thus keeps the system secure; and forces an NCSA compliant
it thus keeps the system secure and forces an NCSA compliant
behaviour.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicProvider" id="AuthBasicProvider">AuthBasicProvider</a> <a name="authbasicprovider" id="authbasicprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthBasicProvider <em>provider-name</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td><code>AuthBasicProvider On|Off|<var>provider-name</var>
[<var>provider-name</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthBasicProvider On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_basic</td></tr></table>
<p>The <code class="directive">AuthBasicProvider</code> directive sets
which provider is used to authenticate the users for this location.</p>
which provider is used to authenticate the users for this location.
Setting the value to <code>On</code> will choose the default provider
(<code>file</code>). Since the <code>file</code> provider is implemented
by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
that the module is present in the server.</p>
<p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
<div class="example"><h3>Example</h3><p><code>
&lt;Location /secure&gt;<br />
<span class="indent">
AuthBasicProvider dbm<br />
AuthDBMType SDBM<br />
AuthDBMUserFile /www/etc/dbmpasswd<br />
Require valid-user<br />
</span>
&lt;/Location&gt;
</code></p></div>
<p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
for providers.</p>
<p>The value <code>Off</code> clears the provider list and sets it back
to the default.</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

131
docs/manual/mod/mod_auth_digest.html.en
View File

@ -10,34 +10,39 @@
</a></th><td>Experimental</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>auth_digest_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_auth_digest.c</td></tr></table><h3>Summary</h3>
<p>This module implements HTTP Digest Authentication. However, it
<p>This module implements HTTP Digest Authentication. However, it
has not been extensively tested and is therefore marked
experimental.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestdomain">AuthDigestDomain</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestfile">AuthDigestFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestgroupfile">AuthDigestGroupFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestprovider">AuthDigestProvider</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestqop">AuthDigestQop</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestshmemsize">AuthDigestShmemSize</a></li>
</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="using" id="using">Using Digest Authentication</a></h2>
<p>Using MD5 Digest authentication is very simple. Simply set
up authentication normally, using "AuthType Digest" and
"AuthDigestFile" instead of the normal "AuthType Basic" and
"AuthUserFile"; also, replace any "AuthGroupFile" with
"AuthDigestGroupFile". Then add a "AuthDigestDomain" directive
containing at least the root URI(s) for this protection space.
Example:</p>
up authentication normally, using <code>AuthType Digest</code> and
<code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>
instead of the normal <code>AuthType Basic</code> and
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>.
Then add a <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
URI(s) for this protection space.</p>
<div class="example"><p><code>
<p>Appropriate user (text) files can be created using the
<a href="../programs/htdigest.html">htdigest</a> tool.</p>
<div class="example"><h3>Example:</h3><p><code>
&lt;Location /private/&gt;<br />
<span class="indent">
AuthType Digest<br />
AuthName "private area"<br />
AuthDigestDomain /private/ http://mirror.my.dom/private2/<br />
AuthDigestFile /web/auth/.digest_pw<br />
<br />
AuthDigestProvider file<br />
AuthUserFile /web/auth/.digest_pw<br />
Require valid-user<br />
</span>
&lt;/Location&gt;
@ -46,11 +51,11 @@
<div class="note"><h3>Note</h3>
<p>Digest authentication provides a more secure password system
than Basic authentication, but only works with supporting
browsers. As of July 2002, the major browsers that support digest
browsers. As of November 2002, the major browsers that support digest
authentication are <a href="http://www.opera.com/">Opera</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet
Explorer</a> (fails when used with a query string), <a href="http://www.w3.org/Amaya/">Amaya</a> and <a href="http://www.mozilla.org">Mozilla</a>. Since digest
Explorer</a> (fails when used with a query string), <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://www.mozilla.org">Mozilla</a> and <a href="http://channels.netscape.com/ns/browsers/download.jsp">Netscape</a> since version 7. Since digest
authentication is not as widely implemented as basic
authentication, you should use it only in controlled settings.</p>
authentication, you should use it only in controlled environments.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Selects the algorithm used to calculate the challenge and
@ -97,48 +102,6 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
which case clients (which understand this) will then share
username/password info across multiple servers without
prompting the user each time. </p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestFile" id="AuthDigestFile">AuthDigestFile</a> <a name="authdigestfile" id="authdigestfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Location of the text file containing the list
of users and encoded passwords for digest authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestFile</code> directive sets the
name of a textual file containing the list of users and encoded
passwords for digest authentication. <var>File-path</var> is the
absolute path to the user file.</p>
<p>The digest file uses a special format. Files in this format
can be created using the <a href="../programs/htdigest.html">htdigest</a> utility found in
the support/ subdirectory of the Apache distribution.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestGroupFile" id="AuthDigestGroupFile">AuthDigestGroupFile</a> <a name="authdigestgroupfile" id="authdigestgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Name of the text file containing the list of groups
for digest authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestGroupFile</code> directive sets
the name of a textual file containing the list of groups and their
members (user names). <var>File-path</var> is the absolute path to
the group file.</p>
<p>Each line of the group file contains a groupname followed by
a colon, followed by the member usernames separated by spaces.
Example:</p>
<div class="example"><p><code>mygroup: bob joe anne</code></p></div>
<p>Note that searching large text files is <em>very</em>
inefficient.</p>
<p>Security: make sure that the AuthGroupFile is stored outside
the document tree of the web-server; do <em>not</em> put it in
the directory that it protects. Otherwise, clients will be able
to download the AuthGroupFile.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestNcCheck" id="AuthDigestNcCheck">AuthDigestNcCheck</a> <a name="authdigestnccheck" id="authdigestnccheck">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Enables or disables checking of the nonce-count sent by the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@ -158,8 +121,8 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p><strong>Not implemented yet.</strong>
</p>
<div class="note">Not implemented yet.</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestNonceLifetime" id="AuthDigestNonceLifetime">AuthDigestNonceLifetime</a> <a name="authdigestnoncelifetime" id="authdigestnoncelifetime">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>How long the server nonce is valid</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestNonceLifetime <var>seconds</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
@ -177,6 +140,26 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
seconds. If <var>seconds</var> is less than 0 then the nonce never
expires.
</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestProvider" id="AuthDigestProvider">AuthDigestProvider</a> <a name="authdigestprovider" id="authdigestprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestProvider On|Off|<var>provider-name</var>
[<var>provider-name</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthBasicProvider On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestProvider</code> directive sets
which provider is used to authenticate the users for this location.
Setting the value to <code>On</code> will choose the default provider
(<code>file</code>). Since the <code>file</code> provider is implemented
by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
that the module is present in the server.</p>
<p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
for providers.</p>
<p>The value <code>Off</code> clears the provider list and sets it back
to the default.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestQop" id="AuthDigestQop">AuthDigestQop</a> <a name="authdigestqop" id="authdigestqop">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Determines the quality-of-protection to use in digest
authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@ -187,8 +170,8 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestQop</code> directive determines
the quality-of-protection to use. <code>auth</code> will only do
authentication (username/password); <code>auth-int</code> is
the <dfn>quality-of-protection</dfn> to use. <code>auth</code> will
only do authentication (username/password); <code>auth-int</code> is
authentication plus integrity checking (an MD5 hash of the entity
is also computed and checked); <code>none</code> will cause the module
to use the old RFC-2069 digest algorithm (which does not include
@ -200,4 +183,32 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<div class="note">
<code>auth-int</code> is not implemented yet.
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestShmemSize" id="AuthDigestShmemSize">AuthDigestShmemSize</a> <a name="authdigestshmemsize" id="authdigestshmemsize">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>The amount of shared memory to allocate for keeping track
of clients</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestShmemSize <var>size</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthDigestShmemSize 1000</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>server config</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestShmemSize</code> directive defines
the amount of shared memory, that will be allocated at the server
startup for keeping track of clients. Note that the shared memory
segment cannot be set less than the space that is neccessary for
tracking at least <em>one</em> client. This value is dependant on your
system. If you want to find out the exact value, you may simply
set <code class="directive">AuthDigestShmemSize</code> to the value of
<code>0</code> and read the error message after trying to start the
server.</p>
<p>The <var>size</var> is normally expressed in Bytes, but you
may let the number follow a <code>K</code> or an <code>M</code> to
express your value as KBytes or MBytes. For example, the following
directives are all equivalent:</p>
<div class="example"><p><code>
AuthDigestShmemSize 1048576<br />
AuthDigestShmemSize 1024K<br />
AuthDigestShmemSize 1M<br />
</code></p></div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

131
docs/manual/mod/mod_authn_anon.html.en
View File

@ -11,8 +11,9 @@
</a></th><td>authn_anon_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authn_anon.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module does access control in a manner similar to
anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id
<p>This module provides authentication front-ends such as
<code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> to authenticate users similar
to anonymous-ftp sites, <em>i.e.</em> have a 'magic' user id
'anonymous' and the email address as a password. These email
addresses can be logged.</p>
@ -23,29 +24,30 @@
tracking is that, unlike magic-cookies and funny URL
pre/postfixes, it is completely browser independent and it
allows users to share URLs.</p>
<p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>, this module is invoked
via the <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
directive with the <code>anon</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_authoritative">Anonymous_Authoritative</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_logemail">Anonymous_LogEmail</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_nouserid">Anonymous_NoUserID</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li>
</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> Example</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2>Example</h2>
<p>The example below (when combined with the Auth directives of a
htpasswd-file based (or GDM, mSQL <em>etc.</em>) base access
control system allows users in as 'guests' with the following
properties:</p>
</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="example" id="example">Example</a></h2>
<p>The example below is combined with "normal" htpasswd-file based
authentication and allows users in additionally as 'guests' with the
following properties:</p>
<ul>
<li>It insists that the user enters a userId.
(<code>Anonymous_NoUserId</code>)</li>
(<code class="directive"><a href="#anonymous_nouserid">Anonymous_NoUserId</a></code>)</li>
<li>It insists that the user enters a password.
(<code>Anonymous_MustGiveEmail</code>)</li>
(<code class="directive"><a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></code>)</li>
<li>The password entered must be a valid email address, ie.
<li>The password entered must be a valid email address, <em>i.e.</em>
contain at least one '@' and a '.'.
(<code>Anonymous_VerifyEmail</code>)</li>
(<code class="directive"><a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></code>)</li>
<li>The userID must be one of <code>anonymous guest www test
welcome</code> and comparison is <strong>not</strong> case
@ -53,38 +55,34 @@
<li>And the Email addresses entered in the passwd field are
logged to the error log file
(<code>Anonymous_LogEmail</code>)</li>
(<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
</ul>
<p>Excerpt of httpd.conf:</p>
<div class="example"><p><code>
Anonymous_NoUserId off<br />
Anonymous_MustGiveEmail on<br />
Anonymous_VerifyEmail on<br />
Anonymous_LogEmail on<br />
Anonymous anonymous guest www test welcome<br />
<br />
AuthName "Use 'anonymous' &amp; Email address for
guest entry"<br />
AuthType basic<br />
<br />
# An
AuthUserFile/AuthDBMUserFile<br />
# directive must be specified, or use<br />
# Anonymous_Authoritative for public access.<br />
# In the .htaccess for the public directory, add:<br />
&lt;Files *&gt;<br />
Order Deny,Allow<br />
Allow from all<br />
<br />
Require valid-user<br />
&lt;/Files&gt;<br />
</code></p></div>
<div class="example"><h3>Example</h3><p><code>
&lt;Directory /foo&gt;
<span class="indent">
AuthName "Use 'anonymous' &amp; Email address for guest entry"<br />
AuthType Basic<br />
AuthBasicProvider file anon<br />
AuthUserFile /path/to/your/.htpasswd<br />
<br />
Anonymous_NoUserId off<br />
Anonymous_MustGiveEmail on<br />
Anonymous_VerifyEmail on<br />
Anonymous_LogEmail on<br />
Anonymous anonymous guest www test welcome<br />
<br />
Order Deny,Allow<br />
Allow from all<br />
<br />
Require valid-user<br />
</span>
&lt;/Directory&gt;
</code></p></div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous" id="Anonymous">Anonymous</a> <a name="anonymous" id="anonymous">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Specifies userIDs that areallowed access without
password verification</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous <em>user</em> [<em>user</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>Anonymous <var>user</var> [<var>user</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@ -96,50 +94,33 @@ password verification</td></tr><tr><th><a href="directive-dict.html#Syntax">Synt
<p>Please note that the comparison is
<strong>case-IN-sensitive</strong>.<br />
I strongly suggest that the magic username
It's strongly recommended that the magic username
'<code>anonymous</code>' is always one of the allowed
userIDs.</p>
<p>Example:</p>
<div class="example"><p><code>Anonymous anonymous "Not Registered" 'I don\'t know'</code></p></div>
<div class="example"><h3>Example:</h3><p><code>
Anonymous anonymous "Not Registered" "I don't know"
</code></p></div>
<p>This would allow the user to enter without password
verification by using the userId's 'anonymous',
'AnonyMous','Not Registered' and 'I Don't Know'.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_Authoritative" id="Anonymous_Authoritative">Anonymous_Authoritative</a> <a name="anonymous_authoritative" id="anonymous_authoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Configures if authorization will fall-through
to other methods</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous_Authoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_Authoritative off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
<p>When set 'on', there is no fall-through to other authorization
methods. So if a userID does not match the values specified in the
<code class="directive"><a href="#anonymous">Anonymous</a></code> directive,
access is denied.</p>
<p>Be sure you know what you are doing when you decide to
switch it on. And remember that it is the linking order of the
modules (in the Configuration / Make file) which details the
order in which the Authorization modules are queried.</p>
verification by using the userIDs "anonymous",
"AnonyMous", "Not Registered" and "I Don't Know".</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_LogEmail" id="Anonymous_LogEmail">Anonymous_LogEmail</a> <a name="anonymous_logemail" id="anonymous_logemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether the password entered will be logged in the
error log</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous_LogEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_LogEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>Anonymous_LogEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_LogEmail On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
<p>When set <code>on</code>, the default, the 'password' entered
<p>When set <code>On</code>, the default, the 'password' entered
(which hopefully contains a sensible email address) is logged in
the error log.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_MustGiveEmail" id="Anonymous_MustGiveEmail">Anonymous_MustGiveEmail</a> <a name="anonymous_mustgiveemail" id="anonymous_mustgiveemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Specifies whether blank passwords are allowed</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous_MustGiveEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_MustGiveEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>Anonymous_MustGiveEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_MustGiveEmail On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@ -148,26 +129,26 @@ error log</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
the password. This prohibits blank passwords.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_NoUserID" id="Anonymous_NoUserID">Anonymous_NoUserID</a> <a name="anonymous_nouserid" id="anonymous_nouserid">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether the userID field may be empty</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous_NoUserID on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_NoUserID off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>Anonymous_NoUserID On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_NoUserID Off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
<p>When set <code>on</code>, users can leave the userID (and
<p>When set <code>On</code>, users can leave the userID (and
perhaps the password field) empty. This can be very convenient for
MS-Explorer users who can just hit return or click directly on the
OK button; which seems a natural reaction.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_VerifyEmail" id="Anonymous_VerifyEmail">Anonymous_VerifyEmail</a> <a name="anonymous_verifyemail" id="anonymous_verifyemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether to check the password field for a correctly
formatted email address</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>Anonymous_VerifyEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_VerifyEmail off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>Anonymous_VerifyEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Anonymous_VerifyEmail Off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
<p>When set <code>on</code> the 'password' entered is checked for
<p>When set <code>On</code> the 'password' entered is checked for
at least one '@' and a '.' to encourage users to enter valid email
addresses (see the above <code class="directive"><a href="#auth_logemail">Auth_LogEmail</a></code>).</p>
addresses (see the above <code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>).</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

31
docs/manual/mod/mod_authn_dbm.html.en
View File

@ -12,14 +12,15 @@
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authentication front-ends such as
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
to authenticate users by looking up users in plain text password files.
Similar functionality is provided by <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p>
to authenticate users by looking up users in <dfn>dbm</dfn> password
files. Similar functionality is provided by
<code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p>
<p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
with the 'dbm' value.</p>
with the <code>dbm</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdbmtype">AuthDBMType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdbmuserfile">AuthDBMUserFile</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
@ -34,27 +35,25 @@ store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
</a></th><td>Available in version 2.0.30 and later.</td></tr></table>
</a></th><td>mod_authn_dbm</td></tr></table>
<p>Sets the type of database file that is used to store the passwords.
The default database type is determined at compile time. The
availability of other types of database files also depends on
<a href="../install.html#dbm">compile-time settings</a>.</p>
<p>Sets the type of database file that is used to store the passwords.
The default database type is determined at compile time. The
availability of other types of database files also depends on
<a href="../install.html#dbm">compile-time settings</a>.</p>
<p>It is crucial that whatever program you use to create your password
files is configured to use the same type of database.</p>
<p>It is crucial that whatever program you use to create your password
files is configured to use the same type of database.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMUserFile" id="AuthDBMUserFile">AuthDBMUserFile</a> <a name="authdbmuserfile" id="authdbmuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a database file containing the list of users and
passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDBMUserFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>AuthDBMUserFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_dbm</td></tr></table>
<p>The <code class="directive">AuthDBMUserFile</code> directive sets the
name of a DBM file containing the list of users and passwords for
user authentication. <em>File-path</em> is the absolute path to
user authentication. <var>File-path</var> is the absolute path to
the user file.</p>
<p>The user file is keyed on the username. The value for a user is
@ -69,8 +68,8 @@ passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Synta
download the <code class="directive">AuthDBMUserFile</code>.</p>
<p>Important compatibility note: The implementation of
"dbmopen" in the apache modules reads the string length of the
hashed values from the DBM data structures, rather than relying
<code>dbmopen</code> in the apache modules reads the string length of
the hashed values from the DBM data structures, rather than relying
upon the string being NULL-appended. Some applications, such as
the Netscape web server, rely upon the string being
NULL-appended, so if you are having trouble using DBM files

39
docs/manual/mod/mod_authn_default.html.en Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--><title>mod_authn_default - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_default</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
</a></th><td>Authentication fallback module</td></tr><tr><th><a href="module-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>authn_default_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authn_default.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module is designed to be the fallback module, if you don't
have configured an authentication module like
<code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>. It simply rejects any
credentials supplied by the user.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
</ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDefaultAuthoritative" id="AuthDefaultAuthoritative">AuthDefaultAuthoritative</a> <a name="authdefaultauthoritative" id="authdefaultauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authentication is passed to lower level
modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDefaultAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthDefaultAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_default</td></tr></table>
<p>Setting the <code class="directive">AuthDefaultAuthoritative</code> directive
explicitly to <code>Off</code> allows for authentication to be passed on
to lower level modules (as defined in the <code>modules.c</code>
files).</p>
<div class="note"><h3>Note</h3>
<p>Normally there are no lower level modules, since
<code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code> is defined to be already on
a <em>very low</em> level. Therefore you should leave the value of
<code class="directive">AuthDefaultAuthoritative</code> as default
(<code>On</code>).</p>
</div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

61
docs/manual/mod/mod_authn_file.html.en
View File

@ -10,7 +10,6 @@
</a></th><td>authn_file_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authn_file.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authentication front-ends such as
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
to authenticate users by looking up users in plain text password files.
@ -20,53 +19,67 @@
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
with the 'file' value.</p>
with the <code>file</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authuserfile">AuthUserFile</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
</ul><h3>See also</h3><ul class="seealso"><li>
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
</li><li>
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</li><li><a href="../programs/htpasswd.html">htpasswd</a></li><li><a href="../programs/htdigest.html">htdigest</a></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a text file containing the list of users and
passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthUserFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>AuthUserFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_file</td></tr></table>
<p>The <code class="directive">AuthUserFile</code> directive sets the name
of a textual file containing the list of users and passwords for
user authentication. <em>File-path</em> is the path to the user
file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
user authentication. <var>File-path</var> is the path to the user
file. If it is not absolute, it is treated as relative to the
<code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
<p>Each line of the user file contains a username followed by
a colon, followed by the <code>crypt()</code> encrypted
password. The behavior of multiple occurrences of the same user is
undefined.</p>
a colon, followed by the encrypted password. If the same user
ID is defined multiple times, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> will
use the first occurrence to verify the password.</p>
<p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
which is installed as part of the binary distribution, or which
can be found in <code>src/support</code>, is used to maintain
this password file. See the <code>man</code> page for more
details. In short:</p>
the password file for <em>HTTP Basic Authentication</em>. See the
<a href="../programs/htpasswd.html">man page</a> for more details.
In short:</p>
<p>Create a password file 'Filename' with 'username' as the
initial ID. It will prompt for the password:</p>
<div class="example"><p><code>htpasswd -c Filename username</code></p></div>
<p>Create a password file <code>Filename</code> with
<code>username</code> as the initial ID. It will prompt for
the password:</p>
<p>Add or modify 'username2' in the password file 'Filename':</p>
<div class="example"><p><code>htpasswd Filename username2</code></p></div>
<div class="example"><p><code>
htpasswd -c Filename username
</code></p></div>
<p>Add or modify <code>username2</code> in the password file
<code>Filename</code>:</p>
<div class="example"><p><code>
htpasswd Filename username2
</code></p></div>
<p>Note that searching large text files is <em>very</em>
inefficient; <code class="directive"><a href="../mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> should be used
instead.</p>
<div class="note"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthUserFile</code> is
stored outside the document tree of the web-server; do <em>not</em>
put it in the directory that it protects. Otherwise, clients will
be able to download the <code class="directive">AuthUserFile</code>.</p>
<p>If you are using <em>HTTP Digest Authentication</em>, the <a href="../programs/htpasswd.html">htpasswd</a> tool is not sufficient.
You have to use <a href="../programs/htdigest.html">htdigest</a>
instead. Note that you cannot mix user data for Digest Authentication
and Basic Authentication within the same file.</p>
<div class="warning"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthUserFile</code> is
stored outside the document tree of the web-server. Do
<strong>not</strong> put it in the directory that it protects.
Otherwise, clients may be able to download the
<code class="directive">AuthUserFile</code>.</p>
</div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

96
docs/manual/mod/mod_authz_dbm.html.en
View File

@ -20,14 +20,14 @@
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMGroupFile" id="AuthDBMGroupFile">AuthDBMGroupFile</a> <a name="authdbmgroupfile" id="authdbmgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of the database file containing the list
of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDBMGroupFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>AuthDBMGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_dbm</td></tr></table>
<p>The <code class="directive">AuthDBMGroupFile</code> directive sets the
name of a DBM file containing the list of user groups for user
authentication. <em>File-path</em> is the absolute path to the
authentication. <var>File-path</var> is the absolute path to the
group file.</p>
<p>The group file is keyed on the username. The value for a
@ -35,12 +35,14 @@ of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#
belongs. There must be no whitespace within the value, and it
must never contain any colons.</p>
<p>Security: make sure that the
<code class="directive">AuthDBMGroupFile</code> is stored outside the
document tree of the web-server; do <em>not</em> put it in the
directory that it protects. Otherwise, clients will be able to
download the <code class="directive">AuthDBMGroupFile</code> unless
otherwise protected.</p>
<div class="warning"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthDBMGroupFile</code> is
stored outside the document tree of the web-server. Do
<strong>not</strong> put it in the directory that it protects.
Otherwise, clients will be able to download the
<code class="directive">AuthDBMGroupFile</code> unless otherwise
protected.</p>
</div>
<p>Combining Group and Password DBM files: In some cases it is
easier to manage a single database which contains both the
@ -50,41 +52,40 @@ of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#
accomplished by first setting the group and password files to
point to the same DBM:</p>
<div class="example"><p><code>
AuthDBMGroupFile /www/userbase<br />
AuthDBMUserFile /www/userbase
</code></p></div>
<div class="example"><p><code>
AuthDBMGroupFile /www/userbase<br />
AuthDBMUserFile /www/userbase
</code></p></div>
<p>The key for the single DBM is the username. The value consists
of</p>
<div class="example"><p><code>Unix Crypt-ed Password : List of Groups [ : (ignored)
]</code></p></div>
<div class="example"><p><code>
Encrypted Password : List of Groups [ : (ignored) ]
</code></p></div>
<p>The password section contains the Unix <code>crypt()</code>
<p>The password section contains the encrypted
password as before. This is followed by a colon and the comma
separated list of groups. Other data may optionally be left in the
DBM file after another colon; it is ignored by the authentication
module. This is what www.telescope.org uses for its combined
password and group database.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMAuthoritative" id="AuthzDBMAuthoritative">AuthzDBMAuthoritative</a> <a name="authzdbmauthoritative" id="authzdbmauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzDBMAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzDBMAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>Sets whether authorization will be passed on to lower level
modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzDBMAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzDBMAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_dbm</td></tr></table>
<p>Setting the <code class="directive">AuthzDBMAuthoritative</code>
directive explicitly to <strong>'off'</strong> allows for both
authentication and authorization to be passed on to lower level
modules (as defined in the <code>Configuration</code> and
<code>modules.c</code> file if there is <strong>no userID</strong>
or <strong>rule</strong> matching the supplied userID. If there is
a userID and/or rule specified; the usual password and access
checks will be applied and a failure will give an Authorization
Required reply.</p>
directive explicitly to <code>Off</code> allows group authorization
to be passed on to lower level modules (as defined in the
<code>modules.c</code> file) if there is no group found
for the the supplied userID. If there are any groups
specified, the usual checks will be applied and a failure will
give an Authentication Required reply.</p>
<p>So if a userID appears in the database of more than one module;
or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
@ -93,21 +94,24 @@ AuthDBMUserFile /www/userbase
regardless of the <code class="directive">AuthAuthoritative</code> setting.</p>
<p>A common use for this is in conjunction with one of the
auth providers; such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this
DBM module supplies the bulk of the user credential checking; a
few (administrator) related accesses fall through to a lower
level with a well protected .htpasswd file.</p>
auth providers; such as <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> or
<code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this DBM module supplies
the bulk of the user credential checking; a few (administrator) related
accesses fall through to a lower level with a well protected
<code>.htpasswd</code> file.</p>
<p>By default, control is not passed on and an unknown userID
or rule will result in an Authorization Required reply. Not
<p>By default, control is not passed on and an unknown group
will result in an Authentication Required reply. Not
setting it thus keeps the system secure and forces an NCSA
compliant behaviour.</p>
<p>Security: Do consider the implications of allowing a user to
allow fall-through in his .htaccess file; and verify that this
is really what you want; Generally it is easier to just secure
a single .htpasswd file, than it is to secure a database which
might have more access interfaces.</p>
<div class="warning"><h3>Security</h3>
<p>Do consider the implications of allowing a user to
allow fall-through in his .htaccess file; and verify that this
is really what you want; Generally it is easier to just secure
a single <code>.htpasswd</code> file, than it is to secure a
database which might have more access interfaces.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMType" id="AuthzDBMType">AuthzDBMType</a> <a name="authzdbmtype" id="authzdbmtype">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the type of database file that is used to
store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@ -116,14 +120,12 @@ store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
</a></th><td>Available in version 2.0.30 and later.</td></tr></table>
</a></th><td>mod_authz_dbm</td></tr></table>
<p>Sets the type of database file that is used to store the passwords.
The default database type is determined at compile time. The
availability of other types of database files also depends on
<a href="../install.html#dbm">compile-time settings</a>.</p>
<p>Sets the type of database file that is used to store the passwords.
The default database type is determined at compile time. The
availability of other types of database files also depends on
<a href="../install.html#dbm">compile-time settings</a>.</p>
<p>It is crucial that whatever program you use to create your password
files is configured to use the same type of database.</p>
<p>It is crucial that whatever program you use to create your password
files is configured to use the same type of database.</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

39
docs/manual/mod/mod_authz_default.html.en Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--><title>mod_authz_default - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_default</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
</a></th><td>Authorization fallback module</td></tr><tr><th><a href="module-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>authz_default_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authz_default.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module is designed to be the fallback module, if you don't
have configured an authorization module like
<code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> or <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.
It simply rejects any authorization request.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
</ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDefaultAuthoritative" id="AuthzDefaultAuthoritative">AuthzDefaultAuthoritative</a> <a name="authzdefaultauthoritative" id="authzdefaultauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authorization is passed to lower level
modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzDefaultAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzDefaultAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_default</td></tr></table>
<p>Setting the <code class="directive">AuthzDefaultAuthoritative</code> directive
explicitly to <code>Off</code> allows for authorization to be passed on
to lower level modules (as defined in the <code>modules.c</code>
files).</p>
<div class="note"><h3>Note</h3>
<p>Normally there are no lower level modules, since
<code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> is defined to be already on
a <em>very low</em> level. Therefore you should leave the value of
<code class="directive">AuthzDefaultAuthoritative</code> as default
(<code>On</code>).</p>
</div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

80
docs/manual/mod/mod_authz_groupfile.html.en
View File

@ -6,78 +6,70 @@
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--><title>mod_authz_groupfile - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_groupfile</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
</a></th><td>Group authorization using plaintext files</td></tr><tr><th><a href="module-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>authz_groupfile_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authz_groupfile.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authorization capabilities so that
authenticated users can be allowed or denied access to portions
of the web site by group membership. Similar functionality is
provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
authenticated users can be allowed or denied access to portions
of the web site by group membership. Similar functionality is
provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authgroupfile">AuthGroupFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authzgroupfileauthoritative">AuthzGroupFileAuthoritative</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthGroupFile" id="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile" id="authgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a text file containing the list
of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthGroupFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code>AuthGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_groupfile</td></tr></table>
<p>The <code class="directive">AuthGroupFile</code> directive sets the
name of a textual file containing the list of user groups for user
authentication. <em>File-path</em> is the path to the group
file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
authentication. <var>File-path</var> is the path to the group
file. If it is not absolute, it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
<p>Each line of the group file contains a groupname followed by a
colon, followed by the member usernames separated by spaces.
Example:</p>
colon, followed by the member usernames separated by spaces.</p>
<div class="example"><p><code>mygroup: bob joe anne</code></p></div>
<div class="example"><h3>Example:</h3><p><code>
mygroup: bob joe anne
</code></p></div>
<p>Note that searching large text files is <em>very</em>
inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> should be used
instead.</p>
inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> provides a much better performance.</p>
<div class="note"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthGroupFile</code> is
stored outside the document tree of the web-server; do <em>not</em>
put it in the directory that it protects. Otherwise, clients will
be able to download the <code class="directive">AuthGroupFile</code>.</p>
<div class="warning"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthGroupFile</code> is
stored outside the document tree of the web-server; do <em>not</em>
put it in the directory that it protects. Otherwise, clients may
be able to download the <code class="directive">AuthGroupFile</code>.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzGroupFileAuthoritative" id="AuthzGroupFileAuthoritative">AuthzGroupFileAuthoritative</a> <a name="authzgroupfileauthoritative" id="authzgroupfileauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzGroupFileAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzGroupFileAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>Sets whether authorization will be passed on to lower level
modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzGroupFileAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzGroupFileAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_groupfile</td></tr></table>
<p>Setting the <code class="directive">AuthzGroupFileAuthoritative</code>
directive explicitly to <strong>'off'</strong> allows for
authorization to be passed on to lower level modules (as defined in
the <code>Configuration</code> and <code>modules.c</code> file if
there is <strong>no userID</strong> or <strong>rule</strong> matching
the supplied userID. If there is a userID and/or rule specified; the
usual password and access checks will be applied and a failure will
give an Authorization Required reply.</p>
directive explicitly to <code>Off</code> allows for
group authorization to be passed on to lower level modules (as defined
in the <code>modules.c</code> files) if there is <strong>no
group</strong> matching the supplied userID.</p>
<p>So if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
directive applies to more than one module; then the first module
will verify the credentials; and no access is passed on;
regardless of the <code class="directive">AuthzGroupFileAuthoritative</code>
setting.</p>
<p>By default, control is not passed on and an unknown userID
or rule will result in an Authorization Required reply. Not
<p>By default, control is not passed on and an unknown group
will result in an Authentication Required reply. Not
setting it thus keeps the system secure and forces an NCSA
compliant behaviour.</p>
<p>Security: Do consider the implications of allowing a user to
allow fall-through in his .htaccess file; and verify that this
is really what you want; Generally it is easier to just secure
a single .htpasswd file, than it is to secure a database which
might have more access interfaces.</p>
<div class="warning"><h3>Security</h3>
<p>Do consider the implications of allowing a user to
allow fall-through in his <code>.htaccess</code> file; and verify
that this is really what you want; Generally it is easier to just
secure a single <code>.htpasswd</code> file, than it is to secure
a database which might have more access interfaces.</p>
</div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

121
docs/manual/mod/mod_authz_host.html.en
View File

@ -42,14 +42,12 @@ address)</td></tr><tr><th><a href="module-dict.html#Status">Status:
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Allow" id="Allow">Allow</a> <a name="allow" id="allow">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Controls which hosts can access an area of the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code> Allow from
all|<em>host</em>|env=<em>env-variable</em>
[<em>host</em>|env=<em>env-variable</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code> Allow from all|<var>host</var>|env=<var>env-variable</var>
[<var>host</var>|env=<var>env-variable</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_host</td></tr></table>
<p>The <code class="directive">Allow</code> directive affects which hosts can
access an area of the server. Access can be controlled by
hostname, IP Address, IP Address range, or by other
@ -68,38 +66,52 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<dl>
<dt>A (partial) domain-name</dt>
<dd>Example: <code>Allow from apache.org</code><br />
Hosts whose names match, or end in, this string are allowed
<dd>
<div class="example"><h3>Example:</h3><p><code>
Allow from apache.org
</code></p></div>
<p>Hosts whose names match, or end in, this string are allowed
access. Only complete components are matched, so the above
example will match <code>foo.apache.org</code> but it will
not match <code>fooapache.org</code>. This configuration will
cause the server to perform a reverse DNS lookup on the
client IP address, regardless of the setting of the <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code>
directive.</dd>
directive.</p></dd>
<dt>A full IP address</dt>
<dd>Example: <code>Allow from 10.1.2.3</code><br />
An IP address of a host allowed access</dd>
<dd>
<div class="example"><h3>Example:</h3><p><code>
Allow from 10.1.2.3
</code></p></div>
<p>An IP address of a host allowed access</p></dd>
<dt>A partial IP address</dt>
<dd>Example: <code>Allow from 10.1</code><br />
The first 1 to 3 bytes of an IP address, for subnet
restriction.</dd>
<dd>
<div class="example"><h3>Example:</h3><p><code>
Allow from 10.1
</code></p></div>
<p>The first 1 to 3 bytes of an IP address, for subnet
restriction.</p></dd>
<dt>A network/netmask pair</dt>
<dd>Example: <code>Allow from
10.1.0.0/255.255.0.0</code><br />
A network a.b.c.d, and a netmask w.x.y.z. For more
fine-grained subnet restriction.</dd>
<dd>
<div class="example"><h3>Example:</h3><p><code>
Allow from 10.1.0.0/255.255.0.0
</code></p></div>
<p>A network a.b.c.d, and a netmask w.x.y.z. For more
fine-grained subnet restriction.</p></dd>
<dt>A network/nnn CIDR specification</dt>
<dd>Example: <code>Allow from 10.1.0.0/16</code><br />
Similar to the previous case, except the netmask consists of
nnn high-order 1 bits.</dd>
<dd>
<div class="example"><h3>Example:</h3><p><code>
Allow from 10.1.0.0/16
</code></p></div>
<p>Similar to the previous case, except the netmask consists of
nnn high-order 1 bits.</p></dd>
</dl>
<p>Note that the last three examples above match exactly the
@ -116,25 +128,26 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<p>The third format of the arguments to the
<code class="directive">Allow</code> directive allows access to the server
to be controlled based on the existence of an <a href="../env.html">environment variable</a>. When <code>Allow from
env=</code><em>env-variable</em> is specified, then the request is
allowed access if the environment variable <em>env-variable</em>
env=<var>env-variable</var></code> is specified, then the request is
allowed access if the environment variable <var>env-variable</var>
exists. The server provides the ability to set environment
variables in a flexible way based on characteristics of the client
request using the directives provided by
<code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
<code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
used to allow access based on such factors as the clients
<code>User-Agent</code> (browser type), <code>Referer</code>, or
other HTTP request header fields.</p>
<div class="example"><h3>Example:</h3><p><code>
SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
&lt;Directory /docroot&gt;<br />
<EFBFBD><EFBFBD> Order Deny,Allow<br />
<EFBFBD><EFBFBD> Deny from all<br />
<EFBFBD><EFBFBD> Allow from env=let_me_in<br />
&lt;/Directory&gt;
</code></p></div>
<div class="example"><h3>Example:</h3><p><code>
SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
&lt;Directory /docroot&gt;<br />
<span class="indent">
Order Deny,Allow<br />
Deny from all<br />
Allow from env=let_me_in<br />
</span>
&lt;/Directory&gt;
</code></p></div>
<p>In this case, browsers with a user-agent string beginning
with <code>KnockKnock/2.0</code> will be allowed access, and all
@ -142,9 +155,8 @@ SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Deny" id="Deny">Deny</a> <a name="deny" id="deny">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Controls which hosts are denied access to the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code> Deny from
all|<em>host</em>|env=<em>env-variable</em>
[<em>host</em>|env=<em>env-variable</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td><code> Deny from all|<var>host</var>|env=<var>env-variable</var>
[<var>host</var>|env=<var>env-variable</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@ -157,28 +169,27 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>Controls the default access state and the order in which
Allow and Deny are
evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code> Order <em>ordering</em></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code> Order <var>ordering</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Order Deny,Allow</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_host</td></tr></table>
<p>The <code class="directive">Order</code> directive controls the default
access state and the order in which <code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> directives are evaluated.
<em>Ordering</em> is one of</p>
<var>Ordering</var> is one of</p>
<dl>
<dt>Deny,Allow</dt>
<dt><code>Deny,Allow</code></dt>
<dd>The <code class="directive"><a href="#deny">Deny</a></code> directives
are evaluated before the <code class="directive"><a href="#allow">Allow</a></code> directives. Access is
allowed by default. Any client which does not match a
allowed by default. Any client which does not match a
<code class="directive"><a href="#deny">Deny</a></code> directive or does
match an <code class="directive"><a href="#allow">Allow</a></code>
directive will be allowed access to the server.</dd>
<dt>Allow,Deny</dt>
<dt><code>Allow,Deny</code></dt>
<dd>The <code class="directive"><a href="#allow">Allow</a></code>
directives are evaluated before the <code class="directive"><a href="#deny">Deny</a></code> directives. Access is denied
@ -186,7 +197,7 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<code class="directive"><a href="#deny">Deny</a></code> directive will be
denied access to the server.</dd>
<dt>Mutual-failure</dt>
<dt><code>Mutual-failure</code></dt>
<dd>Only those hosts which appear on the <code class="directive"><a href="#allow">Allow</a></code> list and do not appear on
the <code class="directive"><a href="#deny">Deny</a></code> list are
@ -195,17 +206,17 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
configuration.</dd>
</dl>
<p>Keywords may only be separated by a comma; no whitespace is
<p>Keywords may only be separated by a comma; <em>no whitespace</em> is
allowed between them. Note that in all cases every <code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> statement is evaluated.</p>
<p>In the following example, all hosts in the apache.org domain
are allowed access; all other hosts are denied access.</p>
<div class="example"><p><code>
<div class="example"><p><code>
Order Deny,Allow<br />
Deny from all<br />
Allow from apache.org<br />
</code></p></div>
Allow from apache.org
</code></p></div>
<p>In the next example, all hosts in the apache.org domain are
allowed access, except for the hosts which are in the
@ -213,11 +224,11 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
in the apache.org domain are denied access because the default
state is to deny access to the server.</p>
<div class="example"><p><code>
Order Allow,Deny<br />
Allow from apache.org<br />
Deny from foo.apache.org<br />
</code></p></div>
<div class="example"><p><code>
Order Allow,Deny<br />
Allow from apache.org<br />
Deny from foo.apache.org
</code></p></div>
<p>On the other hand, if the <code class="directive">Order</code> in the last
example is changed to <code>Deny,Allow</code>, all hosts will
@ -232,13 +243,15 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<p>The presence of an <code class="directive">Order</code> directive can affect
access to a part of the server even in the absence of accompanying
<code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> directives because of its effect
on the default access state. For example,</p>
on the default access state. For example,</p>
<div class="example"><p><code>
<div class="example"><p><code>
&lt;Directory /www&gt;<br />
<EFBFBD><EFBFBD>Order Allow,Deny<br />
<span class="indent">
Order Allow,Deny<br />
</span>
&lt;/Directory&gt;
</code></p></div>
</code></p></div>
<p>will deny all access to the <code>/www</code> directory
because the default access state will be set to

39
docs/manual/mod/mod_authz_user.html.en Normal file
View File

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--><title>mod_authz_user - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_user</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
</a></th><td>User Authorization</td></tr><tr><th><a href="module-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module<6C>Identifier:
</a></th><td>authz_user_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source<63>File:
</a></th><td>mod_authz_user.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authorization capabilities so that
authenticated users can be allowed or denied access to portions
of the web site. <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> grants
access if the authenticated user is listed in a <code>Require user</code>
directive. Alternatively <code>require valid-user</code> can be used to
grant access to all successfully authenticated users.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authzuserauthoritative">AuthzUserAuthoritative</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzUserAuthoritative" id="AuthzUserAuthoritative">AuthzUserAuthoritative</a> <a name="authzuserauthoritative" id="authzuserauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether authorization will be passed on to lower level
modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthzUserAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>AuthzUserAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_user</td></tr></table>
<p>Setting the <code class="directive">AuthzUserAuthoritative</code>
directive explicitly to <code>Off</code> allows for
user authorization to be passed on to lower level modules (as defined
in the <code>modules.c</code> files) if there is <strong>no
user</strong> matching the supplied userID.</p>
<p>By default, control is not passed on and an unknown user
will result in an Authentication Required reply. Not
setting it to <code>Off</code> thus keeps the system secure and forces
an NCSA compliant behaviour.</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>

65
docs/manual/mod/quickreference.html.en
View File

@ -90,50 +90,50 @@ onto the specified content type</td></tr>
<tr><td><a href="mod_alias.html#aliasmatch">AliasMatch <var>regex</var>
<var>file-path</var>|<var>directory-path</var></a></td><td /><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps URLs to filesystem locations using regular
expressions</td></tr>
<tr class="odd"><td><a href="mod_authz_host.html#allow"> Allow from
all|<em>host</em>|env=<em>env-variable</em>
[<em>host</em>|env=<em>env-variable</em>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts can access an area of the
<tr class="odd"><td><a href="mod_authz_host.html#allow"> Allow from all|<var>host</var>|env=<var>env-variable</var>
[<var>host</var>|env=<var>env-variable</var>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts can access an area of the
server</td></tr>
<tr><td><a href="mod_proxy.html#allowconnect">AllowCONNECT <em>port</em> [<em>port</em>] ...</a></td><td> 443 563 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Ports that are allowed to <code>CONNECT</code> through
the proxy</td></tr>
<tr class="odd"><td><a href="core.html#allowoverride">AllowOverride All|None|<var>directive-type</var>
[<var>directive-type</var>] ...</a></td><td> All </td><td>d</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Types of directives that are allowed in
.htaccess files</td></tr>
<tr><td><a href="mod_authn_anon.html#anonymous">Anonymous <em>user</em> [<em>user</em>] ...</a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies userIDs that areallowed access without
<tr><td><a href="mod_authn_anon.html#anonymous">Anonymous <var>user</var> [<var>user</var>] ...</a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies userIDs that areallowed access without
password verification</td></tr>
<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_authoritative">Anonymous_Authoritative on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures if authorization will fall-through
to other methods</td></tr>
<tr><td><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether the password entered will be logged in the
<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether the password entered will be logged in the
error log</td></tr>
<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies whether blank passwords are allowed</td></tr>
<tr><td><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether the userID field may be empty</td></tr>
<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_verifyemail">Anonymous_VerifyEmail on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether to check the password field for a correctly
<tr><td><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies whether blank passwords are allowed</td></tr>
<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID On|Off</a></td><td> Off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether the userID field may be empty</td></tr>
<tr><td><a href="mod_authn_anon.html#anonymous_verifyemail">Anonymous_VerifyEmail On|Off</a></td><td> Off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether to check the password field for a correctly
formatted email address</td></tr>
<tr><td><a href="perchild.html#assignuserid">AssignUserID <var>user_id</var> <var>group_id</var></a></td><td /><td>v</td><td>M</td></tr><tr><td class="descr" colspan="4">-</td></tr>
<tr class="odd"><td><a href="mod_auth_basic.html#authbasicauthoritative">AuthBasicAuthoritative on|off</a></td><td> on </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization and authentication are
passed to lower level modules</td></tr>
<tr><td><a href="mod_auth_basic.html#authbasicprovider">AuthBasicProvider <em>provider-name</em></a></td><td /><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
<tr class="odd"><td><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of the database file containing the list
<tr class="odd"><td><a href="perchild.html#assignuserid">AssignUserID <var>user_id</var> <var>group_id</var></a></td><td /><td>v</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
<tr><td><a href="mod_auth_basic.html#authbasicauthoritative">AuthBasicAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization and authentication are passed to
lower level modules</td></tr>
<tr class="odd"><td><a href="mod_auth_basic.html#authbasicprovider">AuthBasicProvider On|Off|<var>provider-name</var>
[<var>provider-name</var>] ...</a></td><td> On </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
<tr><td><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of the database file containing the list
of user groups for authentication</td></tr>
<tr><td><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the type of database file that is used to
<tr class="odd"><td><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the type of database file that is used to
store passwords</td></tr>
<tr class="odd"><td><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a database file containing the list of users and
<tr><td><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile <var>file-path</var></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of a database file containing the list of users and
passwords for authentication</td></tr>
<tr class="odd"><td><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authentication is passed to lower level
modules</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm MD5|MD5-sess</a></td><td> MD5 </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Selects the algorithm used to calculate the challenge and
response hases in digest authentication</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">URIs that are in the same protection space for digest
authentication</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestfile">AuthDigestFile <var>file-path</var></a></td><td /><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Location of the text file containing the list
of users and encoded passwords for digest authentication</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestgroupfile">AuthDigestGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the text file containing the list of groups
for digest authentication</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck On|Off</a></td><td> Off </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Enables or disables checking of the nonce-count sent by the
server</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat <var>format</var></a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines how the nonce is generated</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime <var>seconds</var></a></td><td> 300 </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">How long the server nonce is valid</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider On|Off|<var>provider-name</var>
[<var>provider-name</var>] ...</a></td><td /><td>d</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
authentication</td></tr>
<tr><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize <var>size</var></a></td><td> 1000 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The amount of shared memory to allocate for keeping track
of clients</td></tr>
<tr><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list
of user groups for authentication</td></tr>
<tr class="odd"><td><a href="mod_auth_ldap.html#authldapauthoritative">AuthLDAPAuthoritative on|off</a></td><td> on </td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Prevent other authentication modules from
authenticating the user if this one fails</td></tr>
@ -153,12 +153,18 @@ environment variable</td></tr>
<tr class="odd"><td><a href="core.html#authname">AuthName <var>auth-domain</var></a></td><td /><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Authorization realm for use in HTTP
authentication</td></tr>
<tr><td><a href="core.html#authtype">AuthType Basic|Digest</a></td><td /><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Type of user authentication</td></tr>
<tr class="odd"><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <em>file-path</em></a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
<tr class="odd"><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <var>file-path</var></a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
passwords for authentication</td></tr>
<tr><td><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level modules</td></tr>
<tr><td><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
modules</td></tr>
<tr class="odd"><td><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the type of database file that is used to
store passwords</td></tr>
<tr><td><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level modules</td></tr>
<tr><td><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization is passed to lower level
modules</td></tr>
<tr class="odd"><td><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
modules</td></tr>
<tr><td><a href="mod_authz_user.html#authzuserauthoritative">AuthzUserAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
modules</td></tr>
<tr class="odd"><td><a href="mod_setenvif.html#browsermatch" id="B" name="B">BrowserMatch <em>regex [!]env-variable</em>[=<em>value</em>]
[[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td /><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables conditional on HTTP User-Agent
</td></tr>
@ -245,9 +251,8 @@ server cannot determine a type in any other way</td></tr>
<tr><td><a href="mod_deflate.html#deflatefilternote">DeflateFilterNote <var>notename</var></a></td><td /><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Places the compression ratio in a note for logging</td></tr>
<tr class="odd"><td><a href="mod_deflate.html#deflatememlevel">DeflateMemLevel <var>value</var></a></td><td> 9 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">How much memory should be used by zlib for compression</td></tr>
<tr><td><a href="mod_deflate.html#deflatewindowsize">DeflateWindowSize <var>value</var></a></td><td> 15 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Zlib compression window size</td></tr>
<tr class="odd"><td><a href="mod_authz_host.html#deny"> Deny from
all|<em>host</em>|env=<em>env-variable</em>
[<em>host</em>|env=<em>env-variable</em>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
<tr class="odd"><td><a href="mod_authz_host.html#deny"> Deny from all|<var>host</var>|env=<var>env-variable</var>
[<var>host</var>|env=<var>env-variable</var>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
server</td></tr>
<tr><td><a href="core.html#directory">&lt;Directory <var>directory-path</var>&gt;
... &lt;/Directory&gt;</a></td><td /><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Enclose a group of directives that apply only to the
@ -415,7 +420,7 @@ to directly</td></tr>
<tr><td><a href="core.html#options" id="O" name="O">Options
[+|-]<var>option</var> [[+|-]<var>option</var>] ...</a></td><td> All </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures what features are available in a particular
directory</td></tr>
<tr class="odd"><td><a href="mod_authz_host.html#order"> Order <em>ordering</em></a></td><td> Deny,Allow </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the default access state and the order in which
<tr class="odd"><td><a href="mod_authz_host.html#order"> Order <var>ordering</var></a></td><td> Deny,Allow </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the default access state and the order in which
<code class="directive">Allow</code> and <code class="directive">Deny</code> are
evaluated.</td></tr>
<tr><td><a href="mod_env.html#passenv" id="P" name="P">PassEnv <var>env-variable</var> [<var>env-variable</var>]

3
docs/manual/sitemap.html.en
View File

@ -98,10 +98,13 @@ Server on HPUX</a></li>
<li><a href="mod/mod_auth_ldap.html">Apache Module mod_auth_ldap</a></li>
<li><a href="mod/mod_authn_anon.html">Apache Module mod_authn_anon</a></li>
<li><a href="mod/mod_authn_dbm.html">Apache Module mod_authn_dbm</a></li>
<li><a href="mod/mod_authn_default.html">Apache Module mod_authn_default</a></li>
<li><a href="mod/mod_authn_file.html">Apache Module mod_authn_file</a></li>
<li><a href="mod/mod_authz_dbm.html">Apache Module mod_authz_dbm</a></li>
<li><a href="mod/mod_authz_default.html">Apache Module mod_authz_default</a></li>
<li><a href="mod/mod_authz_groupfile.html">Apache Module mod_authz_groupfile</a></li>
<li><a href="mod/mod_authz_host.html">Apache Module mod_authz_host</a></li>
<li><a href="mod/mod_authz_user.html">Apache Module mod_authz_user</a></li>
<li><a href="mod/mod_autoindex.html">Apache Module mod_autoindex</a></li>
<li><a href="mod/mod_cache.html">Apache Module mod_cache</a></li>
<li><a href="mod/mod_cern_meta.html">Apache Module mod_cern_meta</a></li>