mirror of
https://github.com/apache/httpd.git
synced 2025-05-30 01:07:09 +03:00
625211496d
Submitted by: Vicent Bray < noodlet gmail com > git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@475021 13f79535-47bb-0310-9956-ffa450edef68
178 lines
6.8 KiB
XML
178 lines
6.8 KiB
XML
<?xml version="1.0"?>
|
|
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
|
|
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
|
|
<!-- $LastChangedRevision$ -->
|
|
|
|
<!--
|
|
Licensed to the Apache Software Foundation (ASF) under one or more
|
|
contributor license agreements. See the NOTICE file distributed with
|
|
this work for additional information regarding copyright ownership.
|
|
The ASF licenses this file to You under the Apache License, Version 2.0
|
|
(the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
-->
|
|
|
|
<modulesynopsis metafile="mod_authn_core.xml.meta">
|
|
|
|
<name>mod_authn_core</name>
|
|
<description>Core Authentication</description>
|
|
<status>Base</status>
|
|
<sourcefile>mod_authn_core.c</sourcefile>
|
|
<identifier>authn_core_module</identifier>
|
|
<compatibility>Available in Apache 2.3 and later</compatibility>
|
|
|
|
<summary>
|
|
<p>This module provides core authentication capabilities to
|
|
allow or deny access to portions of the web site.
|
|
<module>mod_authn_core</module> provides directives that are
|
|
common to all authentication providers.</p>
|
|
</summary>
|
|
|
|
<section id="authnalias"><title>Creating Provider Aliases</title>
|
|
|
|
<p>Extended authentication providers can be created
|
|
within the configuration file and assigned an alias name. The alias
|
|
providers can then be referenced through the directives
|
|
<directive module="mod_auth_basic">AuthBasicProvider</directive> or
|
|
<directive module="mod_auth_digest">AuthDigestProvider</directive> in
|
|
the same way as a base authentication provider. Besides the ability
|
|
to create and alias an extended provider, it also allows the same
|
|
extended authentication provider to be reference by multiple
|
|
locations.</p>
|
|
|
|
<section id="example"><title>Example</title>
|
|
<p>The example below creates two different ldap authentication
|
|
provider aliases based on the ldap provider. This allows
|
|
a single authenticated location can be serviced by multiple
|
|
ldap hosts:</p>
|
|
|
|
<example><title>Example</title>
|
|
LoadModule authn_alias_module modules/mod_authn_alias.so<br /><br />
|
|
<AuthnProviderAlias ldap ldap-alias1><br />
|
|
<indent>
|
|
AuthLDAPBindDN cn=youruser,o=ctx<br />
|
|
AuthLDAPBindPassword yourpassword<br />
|
|
AuthLDAPURL ldap://ldap.host/o=ctx<br />
|
|
</indent>
|
|
</AuthnProviderAlias><br /><br />
|
|
<AuthnProviderAlias ldap ldap-other-alias><br />
|
|
<indent>
|
|
AuthLDAPBindDN cn=yourotheruser,o=dev<br />
|
|
AuthLDAPBindPassword yourotherpassword<br />
|
|
AuthLDAPURL ldap://other.ldap.host/o=dev?cn<br />
|
|
</indent>
|
|
</AuthnProviderAlias><br /><br />
|
|
|
|
Alias /secure /webpages/secure<br />
|
|
<Directory /webpages/secure><br />
|
|
<indent>
|
|
Order deny,allow<br />
|
|
Allow from all<br /><br />
|
|
|
|
AuthBasicProvider ldap-other-alias ldap-alias1<br /><br />
|
|
|
|
AuthType Basic<br />
|
|
AuthName LDAP_Protected_Place<br />
|
|
require valid-user<br />
|
|
</indent>
|
|
</Directory><br />
|
|
</example>
|
|
</section>
|
|
|
|
</section>
|
|
|
|
|
|
<directivesynopsis>
|
|
<name>AuthName</name>
|
|
<description>Authorization realm for use in HTTP
|
|
authentication</description>
|
|
<syntax>AuthName <var>auth-domain</var></syntax>
|
|
<contextlist><context>directory</context><context>.htaccess</context>
|
|
</contextlist>
|
|
<override>AuthConfig</override>
|
|
|
|
<usage>
|
|
<p>This directive sets the name of the authorization realm for a
|
|
directory. This realm is given to the client so that the user
|
|
knows which username and password to send.
|
|
<directive>AuthName</directive> takes a single argument; if the
|
|
realm name contains spaces, it must be enclosed in quotation
|
|
marks. It must be accompanied by <directive
|
|
module="mod_authn_core">AuthType</directive> and <directive
|
|
module="mod_authz_core">Require</directive> directives, and directives such
|
|
as <directive module="mod_authn_file">AuthUserFile</directive> and
|
|
<directive module="mod_authz_groupfile">AuthGroupFile</directive> to
|
|
work.</p>
|
|
|
|
<p>For example:</p>
|
|
|
|
<example>
|
|
AuthName "Top Secret"
|
|
</example>
|
|
|
|
<p>The string provided for the <code>AuthName</code> is what will
|
|
appear in the password dialog provided by most browsers.</p>
|
|
</usage>
|
|
<seealso><a
|
|
href="../howto/auth.html">Authentication, Authorization, and
|
|
Access Control</a></seealso>
|
|
</directivesynopsis>
|
|
|
|
<directivesynopsis>
|
|
<name>AuthType</name>
|
|
<description>Type of user authentication</description>
|
|
<syntax>AuthType Basic|Digest</syntax>
|
|
<contextlist><context>directory</context><context>.htaccess</context>
|
|
</contextlist>
|
|
<override>AuthConfig</override>
|
|
|
|
<usage>
|
|
<p>This directive selects the type of user authentication for a
|
|
directory. The authentication types available are
|
|
<code>Basic</code> (implemented by
|
|
<module>mod_auth_basic</module>) and <code>Digest</code>
|
|
(implemented by <module>mod_auth_digest</module>).</p>
|
|
|
|
<p>To implement authentication, you must also use the <directive
|
|
module="mod_authn_core">AuthName</directive> and <directive
|
|
module="mod_authz_core">Require</directive> directives. In addition, the
|
|
server must have an authentication-provider module such as
|
|
<module>mod_authn_file</module> and an authorization module such
|
|
as <module>mod_authz_user</module>.</p>
|
|
</usage>
|
|
|
|
<seealso><a href="../howto/auth.html">Authentication, Authorization,
|
|
and Access Control</a></seealso>
|
|
</directivesynopsis>
|
|
|
|
<directivesynopsis type="section">
|
|
<name>AuthnProviderAlias</name>
|
|
<description>Enclose a group of directives that represent an
|
|
extension of a base authentication provider and referenced by
|
|
the specified alias</description>
|
|
<syntax><AuthnProviderAlias <var>baseProvider Alias</var>>
|
|
... </AuthnProviderAlias></syntax>
|
|
<contextlist><context>server config</context>
|
|
</contextlist>
|
|
|
|
<usage>
|
|
<p><directive type="section">AuthnProviderAlias</directive> and
|
|
<code></AuthnProviderAlias></code> are used to enclose a group of
|
|
authentication directives that can be referenced by the alias name
|
|
using one of the directives <directive module="mod_auth_basic">
|
|
AuthBasicProvider</directive> or <directive module="mod_auth_digest">
|
|
AuthDigestProvider</directive>.</p>
|
|
|
|
</usage>
|
|
</directivesynopsis>
|
|
|
|
</modulesynopsis>
|