mirror of
https://github.com/apache/httpd.git
synced 2025-06-12 05:41:55 +03:00
4ef885c1ad
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97137 13f79535-47bb-0310-9956-ffa450edef68
82 lines
2.9 KiB
XML
82 lines
2.9 KiB
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
|
|
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
|
|
<modulesynopsis>
|
|
|
|
<name>mod_auth_basic</name>
|
|
<description>Basic authentication</description>
|
|
<status>Base</status>
|
|
<sourcefile>mod_auth_basic.c</sourcefile>
|
|
<identifier>auth_basic_module</identifier>
|
|
<compatibility>Available in Apache 2.0.44 and later</compatibility>
|
|
|
|
<summary>
|
|
|
|
<p>This module allows the use of HTTP Basic Authentication to
|
|
restrict access by looking up users in the given providers.
|
|
HTTP Digest Authentication is provided by
|
|
<module>mod_auth_digest</module>.</p>
|
|
|
|
</summary>
|
|
<seealso><directive module="core">AuthName</directive></seealso>
|
|
<seealso><directive module="core">AuthType</directive></seealso>
|
|
|
|
<directivesynopsis>
|
|
<name>AuthBasicProvider</name>
|
|
<description>Sets the authentication provider(s) for this location</description>
|
|
<syntax>AuthBasicProvider <em>provider-name</em></syntax>
|
|
<contextlist>
|
|
<context>directory</context>
|
|
<context>.htaccess</context>
|
|
</contextlist>
|
|
<override>AuthConfig</override>
|
|
|
|
<usage>
|
|
<p>The <directive>AuthBasicProvider</directive> directive sets
|
|
which provider is used to authenticate the users for this location.</p>
|
|
|
|
<p>See <module>mod_authn_dbm</module>, <module>mod_authn_file</module>
|
|
for providers.</p>
|
|
|
|
</usage>
|
|
</directivesynopsis>
|
|
|
|
<directivesynopsis>
|
|
<name>AuthBasicAuthoritative</name>
|
|
<description>Sets whether authorization and authentication are
|
|
passed to lower level modules</description>
|
|
<syntax>AuthBasicAuthoritative on|off</syntax>
|
|
<default>AuthBasicAuthoritative on</default>
|
|
<contextlist>
|
|
<context>directory</context>
|
|
<context>.htaccess</context>
|
|
</contextlist>
|
|
<override>AuthConfig</override>
|
|
|
|
<usage>
|
|
<p>Setting the <directive>AuthBasicAuthoritative</directive> directive
|
|
explicitly to <strong>'off'</strong> allows for both
|
|
authentication and authorization to be passed on to lower level
|
|
modules (as defined in the <code>Configuration</code> and
|
|
<code>modules.c</code> files) if there is <strong>no
|
|
userID</strong> or <strong>rule</strong> matching the supplied
|
|
userID. If there is a userID and/or rule specified; the usual
|
|
password and access checks will be applied and a failure will give
|
|
an Authorization Required reply.</p>
|
|
|
|
<p>So if a userID appears in the database of more than one module;
|
|
or if a valid <directive module="core">Require</directive>
|
|
directive applies to more than one module; then the first module
|
|
will verify the credentials; and no access is passed on;
|
|
regardless of the AuthAuthoritative setting.</p>
|
|
|
|
<p>By default; control is not passed on; and an unknown userID or
|
|
rule will result in an Authorization Required reply. Not setting
|
|
it thus keeps the system secure; and forces an NCSA compliant
|
|
behaviour.</p>
|
|
|
|
</usage>
|
|
</directivesynopsis>
|
|
|
|
</modulesynopsis>
|