mod_auth_anon.html.en revision 5bf90772244e08b493f008381645dd3704417d40
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<html xmlns="http://www.w3.org/TR/xhtml1/strict"><head><!--
75da45714b471969a6eb41b469237d51d1ed92beMark Craig XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
75da45714b471969a6eb41b469237d51d1ed92beMark Craig This file is generated from xml source: DO NOT EDIT
75da45714b471969a6eb41b469237d51d1ed92beMark Craig XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
75da45714b471969a6eb41b469237d51d1ed92beMark Craig --><title>mod_auth_anon- Apache HTTP Server</title><link href="/style/manual.css" type="text/css" rel="stylesheet"/></head><body><blockquote><div align="center"><img src="/images/sub.gif" alt="[APACHE DOCUMENTATION]"/><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Apache Module mod_auth_anon</h1><table cellspacing="1" cellpadding="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td valign="top"><span class="help">Description:</span></td><td>Allows "anonymous" user access to authenticated
75da45714b471969a6eb41b469237d51d1ed92beMark Craig areas</td></tr><tr><td><a href="module-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td><a href="module-dict.html#ModuleIdentifier" class="help">Module Identifier:</a></td><td>auth_anon_module</td></tr></table></td></tr></table><h2>Summary</h2>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>This module does access control in a manner similar to
75da45714b471969a6eb41b469237d51d1ed92beMark Craig anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id
75da45714b471969a6eb41b469237d51d1ed92beMark Craig 'anonymous' and the email address as a password. These email
75da45714b471969a6eb41b469237d51d1ed92beMark Craig addresses can be logged.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>Combined with other (database) access control methods, this
75da45714b471969a6eb41b469237d51d1ed92beMark Craig allows for effective user tracking and customization according
75da45714b471969a6eb41b469237d51d1ed92beMark Craig to a user profile while still keeping the site open for
75da45714b471969a6eb41b469237d51d1ed92beMark Craig 'unregistered' users. One advantage of using Auth-based user
75da45714b471969a6eb41b469237d51d1ed92beMark Craig tracking is that, unlike magic-cookies and funny URL
780edb54801442497adec4f16256e80d53618bc5jenkins pre/postfixes, it is completely browser independent and it
75da45714b471969a6eb41b469237d51d1ed92beMark Craig allows users to share URLs.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<h2>Directives</h2><ul><li><a href="#anonymous">Anonymous</a></li><li><a href="#anonymous_authoritative">Anonymous_Authoritative</a></li><li><a href="#anonymous_logemail">Anonymous_LogEmail</a></li><li><a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li><li><a href="#anonymous_nouserid">Anonymous_NoUserID</a></li><li><a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li></ul><h2>Example</h2>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>The example below (when combined with the Auth directives of a
75da45714b471969a6eb41b469237d51d1ed92beMark Craig htpasswd-file based (or GDM, mSQL <em>etc.</em>) base access
75da45714b471969a6eb41b469237d51d1ed92beMark Craig control system allows users in as 'guests' with the following
1c39f25b4e11ae0397f825f3d031bd01983b98f0Bruno Lavit properties:</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <li>It insists that the user enters a userId.
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <li>It insists that the user enters a password.
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <li>The password entered must be a valid email address, ie.
75da45714b471969a6eb41b469237d51d1ed92beMark Craig contain at least one '@' and a '.'.
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <li>The userID must be one of <code>anonymous guest www test
75da45714b471969a6eb41b469237d51d1ed92beMark Craig welcome</code> and comparison is <strong>not</strong> case
75da45714b471969a6eb41b469237d51d1ed92beMark Craig sensitive.</li>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <li>And the Email addresses entered in the passwd field are
75da45714b471969a6eb41b469237d51d1ed92beMark Craig logged to the error log file
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Anonymous_NoUserId off<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Anonymous_MustGiveEmail on<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Anonymous_VerifyEmail on<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Anonymous_LogEmail on<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Anonymous anonymous guest www test welcome<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig AuthName "Use 'anonymous' & Email address for
75da45714b471969a6eb41b469237d51d1ed92beMark Craig guest entry"<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig AuthType basic<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig # directive must be specified, or use<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig # Anonymous_Authoritative for public access.<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig # In the .htaccess for the public directory, add:<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <Files *><br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Order Deny,Allow<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Allow from all<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig Require valid-user<br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig </Files><br>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/><h2><a name="Anonymous">Anonymous</a> <a name="anonymous">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Specifies userIDs that areallowed access without
75da45714b471969a6eb41b469237d51d1ed92beMark Craigpassword verification</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous <em>user</em> [<em>user</em>] ...</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>A list of one or more 'magic' userIDs which are allowed
75da45714b471969a6eb41b469237d51d1ed92beMark Craig access without password verification. The userIDs are space
75da45714b471969a6eb41b469237d51d1ed92beMark Craig separated. It is possible to use the ' and " quotes to allow a
75da45714b471969a6eb41b469237d51d1ed92beMark Craig space in a userID as well as the \ escape character.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>Please note that the comparison is
75da45714b471969a6eb41b469237d51d1ed92beMark Craig I strongly suggest that the magic username
75da45714b471969a6eb41b469237d51d1ed92beMark Craig '<code>anonymous</code>' is always one of the allowed
75da45714b471969a6eb41b469237d51d1ed92beMark Craig userIDs.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code>Anonymous anonymous "Not Registered" 'I don\'t know'</code></td></tr></table></blockquote>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>This would allow the user to enter without password
75da45714b471969a6eb41b469237d51d1ed92beMark Craig verification by using the userId's 'anonymous',
75da45714b471969a6eb41b469237d51d1ed92beMark Craig 'AnonyMous','Not Registered' and 'I Don't Know'.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/><h2><a name="Anonymous_Authoritative">Anonymous_Authoritative</a> <a name="anonymous_authoritative">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Configures if authorization will fall-through
75da45714b471969a6eb41b469237d51d1ed92beMark Craigto other methods</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous_Authoritative on|off</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Anonymous_Authoritative off</code></td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>When set 'on', there is no fall-through to other authorization
75da45714b471969a6eb41b469237d51d1ed92beMark Craig methods. So if a userID does not match the values specified in the
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <a href="#anonymous" class="directive"><code class="directive">Anonymous</code></a> directive,
75da45714b471969a6eb41b469237d51d1ed92beMark Craig access is denied.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>Be sure you know what you are doing when you decide to
75da45714b471969a6eb41b469237d51d1ed92beMark Craig switch it on. And remember that it is the linking order of the
75da45714b471969a6eb41b469237d51d1ed92beMark Craig modules (in the Configuration / Make file) which details the
75da45714b471969a6eb41b469237d51d1ed92beMark Craig order in which the Authorization modules are queried.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/><h2><a name="Anonymous_LogEmail">Anonymous_LogEmail</a> <a name="anonymous_logemail">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Sets whether the password entered will be logged in the
75da45714b471969a6eb41b469237d51d1ed92beMark Craigerror log</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous_LogEmail on|off</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Anonymous_LogEmail on</code></td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>When set <code>on</code>, the default, the 'password' entered
75da45714b471969a6eb41b469237d51d1ed92beMark Craig (which hopefully contains a sensible email address) is logged in
75da45714b471969a6eb41b469237d51d1ed92beMark Craig the error log.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/><h2><a name="Anonymous_MustGiveEmail">Anonymous_MustGiveEmail</a> <a name="anonymous_mustgiveemail">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Specifies whether blank passwords are allowed</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous_MustGiveEmail on|off</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Anonymous_MustGiveEmail on</code></td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>Specifies whether the user must specify an email address as
7bf512aea50c834dc9c3ef5a0a228059fcc753a5jenkins the password. This prohibits blank passwords.</p>
7bf512aea50c834dc9c3ef5a0a228059fcc753a5jenkins<hr/><h2><a name="Anonymous_NoUserID">Anonymous_NoUserID</a> <a name="anonymous_nouserid">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Sets whether the userID field may be empty</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous_NoUserID on|off</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Anonymous_NoUserID off</code></td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>When set <code>on</code>, users can leave the userID (and
7bf512aea50c834dc9c3ef5a0a228059fcc753a5jenkins perhaps the password field) empty. This can be very convenient for
75da45714b471969a6eb41b469237d51d1ed92beMark Craig MS-Explorer users who can just hit return or click directly on the
7bf512aea50c834dc9c3ef5a0a228059fcc753a5jenkins OK button; which seems a natural reaction.</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/><h2><a name="Anonymous_VerifyEmail">Anonymous_VerifyEmail</a> <a name="anonymous_verifyemail">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description: </strong></td><td>Sets whether to check the password field for a correctly
75da45714b471969a6eb41b469237d51d1ed92beMark Craigformatted email address</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Syntax" class="help">Syntax:</a></td><td>Anonymous_VerifyEmail on|off</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Default" class="help">Default:</a></td><td><code>Anonymous_VerifyEmail off</code></td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Context" class="help">Context:</a></td><td>directory, .htaccess</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Override" class="help">Override:</a></td><td>AuthConfig</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Status" class="help">Status:</a></td><td>Extension</td></tr><tr><td nowrap="nowrap"><a href="directive-dict.html#Module" class="help">Module:</a></td><td>mod_auth_anon</td></tr></table></td></tr></table>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig <p>When set <code>on</code> the 'password' entered is checked for
75da45714b471969a6eb41b469237d51d1ed92beMark Craig at least one '@' and a '.' to encourage users to enter valid email
75da45714b471969a6eb41b469237d51d1ed92beMark Craig addresses (see the above <a href="#auth_logemail" class="directive"><code class="directive">Auth_LogEmail</code></a>).</p>
75da45714b471969a6eb41b469237d51d1ed92beMark Craig<hr/></blockquote><h3 align="center">Apache HTTP Server Version 2.0</h3><a href="./"><img src="/images/index.gif" alt="Index"/></a><a href="../"><img src="/images/home.gif" alt="Home"/></a></body></html>
