reformatting, markup and picking nits

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97890 13f79535-47bb-0310-9956-ffa450edef68
2025-07-30 20:03:10 +03:00 · 2002-12-12 07:02:57 +00:00
parent decf33d6d8
commit fa4d5df0da
4 changed files with 26 additions and 22 deletions
--- a/docs/manual/mod/mod_auth_basic.html.en
+++ b/docs/manual/mod/mod_auth_basic.html.en
@ -62,16 +62,17 @@ lower level modules</td></tr>
    <strong>no userID</strong> or <strong>rule</strong> matching the
    supplied userID. If there is a userID and/or rule specified, the usual
    password and access checks will be applied and a failure will give
-    an Authorization Required reply.</p>
+    an "Authentication Required" reply.</p>

    <p>So if a userID appears in the database of more than one module;
    or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
    directive applies to more than one module; then the first module
    will verify the credentials; and no access is passed on;
-    regardless of the AuthAuthoritative setting.</p>
+    regardless of the <code class="directive">AuthBasicAuthoritative</code>
+    setting.</p>

    <p>By default control is not passed on and an unknown userID or
-    rule will result in an Authorization Required reply. Not setting
+    rule will result in an "Authentication Required" reply. Not setting
    it thus keeps the system secure and forces an NCSA compliant
    behaviour.</p>

--- a/docs/manual/mod/mod_auth_basic.xml
+++ b/docs/manual/mod/mod_auth_basic.xml
@ -72,16 +72,17 @@ lower level modules</description>
    <strong>no userID</strong> or <strong>rule</strong> matching the
    supplied userID. If there is a userID and/or rule specified, the usual
    password and access checks will be applied and a failure will give
-    an Authorization Required reply.</p>
+    an "Authentication Required" reply.</p>

    <p>So if a userID appears in the database of more than one module;
    or if a valid <directive module="core">Require</directive>
    directive applies to more than one module; then the first module
    will verify the credentials; and no access is passed on;
-    regardless of the AuthAuthoritative setting.</p>
+    regardless of the <directive>AuthBasicAuthoritative</directive>
+    setting.</p>

    <p>By default control is not passed on and an unknown userID or
-    rule will result in an Authorization Required reply. Not setting
+    rule will result in an "Authentication Required" reply. Not setting
    it thus keeps the system secure and forces an NCSA compliant
    behaviour.</p>
 </usage>
--- a/docs/manual/mod/mod_authn_dbm.html.en
+++ b/docs/manual/mod/mod_authn_dbm.html.en
@ -94,15 +94,16 @@ passwords for authentication</td></tr>
    the user file.</p>

    <p>The user file is keyed on the username. The value for a user is
-    the <code>crypt()</code> encrypted password, optionally followed
-    by a colon and arbitrary data. The colon and the data following it
-    will be ignored by the server.</p>
+    the encrypted password, optionally followed by a colon and arbitrary
+    data. The colon and the data following it will be ignored by the
+    server.</p>

-    <p>Security: make sure that the
-    <code class="directive">AuthDBMUserFile</code> is stored outside the
-    document tree of the web-server; do <em>not</em> put it in the
-    directory that it protects. Otherwise, clients will be able to
-    download the <code class="directive">AuthDBMUserFile</code>.</p>
+    <div class="warning"><h3>Security:</h3>
+      <p>Make sure that the <code class="directive">AuthDBMUserFile</code> is stored
+      outside the document tree of the web-server; do <em>not</em> put it in
+      the directory that it protects. Otherwise, clients will be able to
+      download the <code class="directive">AuthDBMUserFile</code>.</p>
+    </div>

    <p>Important compatibility note: The implementation of
    <code>dbmopen</code> in the apache modules reads the string length of
--- a/docs/manual/mod/mod_authn_dbm.xml
+++ b/docs/manual/mod/mod_authn_dbm.xml
@ -49,15 +49,16 @@ passwords for authentication</description>
    the user file.</p>

    <p>The user file is keyed on the username. The value for a user is
-    the <code>crypt()</code> encrypted password, optionally followed
-    by a colon and arbitrary data. The colon and the data following it
-    will be ignored by the server.</p>
+    the encrypted password, optionally followed by a colon and arbitrary
+    data. The colon and the data following it will be ignored by the
+    server.</p>

-    <p>Security: make sure that the
-    <directive>AuthDBMUserFile</directive> is stored outside the
-    document tree of the web-server; do <em>not</em> put it in the
-    directory that it protects. Otherwise, clients will be able to
-    download the <directive>AuthDBMUserFile</directive>.</p>
+    <note type="warning"><title>Security:</title>
+      <p>Make sure that the <directive>AuthDBMUserFile</directive> is stored
+      outside the document tree of the web-server; do <em>not</em> put it in
+      the directory that it protects. Otherwise, clients will be able to
+      download the <directive>AuthDBMUserFile</directive>.</p>
+    </note>

    <p>Important compatibility note: The implementation of
    <code>dbmopen</code> in the apache modules reads the string length of