mod_auth_anon.html revision db81e057b060e365d840d9a1d35a5797192efa81
2454dfa32c93c20a8522c6ed42fe057baaac9f9aStephan Bosch<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen BGCOLOR="#FFFFFF"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen TEXT="#000000"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen LINK="#0000FF"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen VLINK="#000080"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen ALINK="#FF0000"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<!--#include virtual="header.html" -->
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo SirainenThis module is contained in the <code>mod_auth_anon.c</code> file and
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenis not compiled in by default. It is only available in Apache 1.1 and
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenlater. It allows "anonymous" user access to authenticated areas.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenIt does access control in a manner similar to anonymous-ftp sites; i.e.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenhave a 'magic' user id 'anonymous' and the email address as a password.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenThese email addresses can be logged.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenCombined with other (database) access control methods, this allows for
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Siraineneffective user tracking and customization according to a user profile
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenwhile still keeping the site open for 'unregistered' users. One advantage
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenof using Auth-based user tracking is that, unlike magic-cookies and
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenfunny URL pre/postfixes, it is completely browser independent and it
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenallows users to share URLs.
38505846b6d083e19f0a7d1373761bdda5d9a5a9Timo Sirainen<a href="#CompileTimeOptions">Compile time options</a> /
38505846b6d083e19f0a7d1373761bdda5d9a5a9Timo Sirainen<a href="#RevisionHistory">RevisionHistory</a> /
2087543679f0b35a8f70e1277b234e66ffdf96edTimo Sirainen<li><A HREF="#Authoritative">Anonymous_Authoritative</A>
f016dec9837e6a41867708e4b89ca5308dedab05Timo Sirainen<li><A HREF="#MustGiveEmail">Anonymous_MustGiveEmail</A>
d03a871a77f8ec36f48f5fea98d810e51b186fdbTimo Sirainen<li><A HREF="#VerifyEmail">Anonymous_VerifyEmail</A>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><A name="anonymous">Anonymous directive</A></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<!--%plaintext <?INDEX {\tt Anonymous} directive> -->
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Syntax:</strong> Anonymous <em>user user ...</em><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Context:</strong> directory, .htaccess<br>
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen A list of one or more 'magic' userIDs which are allowed access
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen without password verification. The userIDs are space separated.
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen It is possible to use the ' and " quotes to allow a space in
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen a userID as well as the \ escape character.
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen Please note that the comparison is <b>case-IN-sensitive</b>.
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen I strongly suggest that the magic username '<code>anonymous</code>'
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen is always one of the allowed userIDs.
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen Anonymous: anonymous "Not Registered" 'I don\'t know'
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen This would allow the user to enter without password verification
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen by using the userId's 'anonymous', 'AnonyMous','Not Registered' and
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8Timo Sirainen 'I Don't Know'.
fe791e96fdf796f7d8997ee0515b163dc5eddd72Aki Tuomi<h2><A name="Authoritative">Anonymous_Authoritative directive</A></h2>
0b808b62a679c81f59958392507fd0f6b5bd4e34Aki Tuomi<strong>Syntax:</strong> Anonymous_Authoritative <em>on | off</em><br>
0b808b62a679c81f59958392507fd0f6b5bd4e34Aki Tuomi<strong>Default:</strong> <code>Anonymous_Authoritative off</code><br>
a8dac1be6a0c3adbbce5887ca395f418194c6c06Aki Tuomi When set 'on', there is no
a8dac1be6a0c3adbbce5887ca395f418194c6c06Aki Tuomi fall-through to other authorization methods. So if a
53f97800b16ab3a8d263c5331132dec1e8fea9a0Aki Tuomi userID does not match the values specified in the
53f97800b16ab3a8d263c5331132dec1e8fea9a0Aki Tuomi <code>Anonymous</code> directive, access is denied.
53f97800b16ab3a8d263c5331132dec1e8fea9a0Aki Tuomi Be sure you know what you are doing when you decide to switch
53f97800b16ab3a8d263c5331132dec1e8fea9a0Aki Tuomi it on. And remember that it is the linking order of the modules
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen (in the Configuration / Make file) which details the order
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen in which the Authorization modules are queried.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><A name="LogEmail">Anonymous_LogEmail directive</A></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Syntax:</strong> Anonymous_LogEmail <em>on | off</em><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Context:</strong> directory, .htaccess<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen When set 'on', the default, the 'password' entered (which hopefully
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen contains a sensible email address) is logged in the httpd-log file.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><A name="MustGiveEmail">Anonymous_MustGiveEmail directive</A></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<!--%plaintext <?INDEX {\tt Anonymous_MustGiveEmail} directive> -->
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Syntax:</strong> Anonymous_MustGiveEmail <em>on</em> | <em>off</em><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Context:</strong> directory, .htaccess<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen Specifies whether the user must specify an email
f016dec9837e6a41867708e4b89ca5308dedab05Timo Sirainen address as the password. This prohibits blank passwords.
0ad9d535b04fe4a80534702617e17fd0d261fafaTimo Sirainen<h2><A name="NoUserID">Anonymous_NoUserID directive</A></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Syntax:</strong> Anonymous_NoUserID <em>on | off</em><br>
0ad9d535b04fe4a80534702617e17fd0d261fafaTimo Sirainen<strong>Default:</strong> <code>Anonymous_NoUserID off</code><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Context:</strong> directory, .htaccess<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen When set 'on', users can leave
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo Sirainen the userID (and perhaps the password field) empty. This
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen can be very convenient for MS-Explorer users who can
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen just hit return or click directly on the OK button; which
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen seems a natural reaction.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><A name="VerifyEmail">Anonymous_VerifyEmail directive</A></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Syntax:</strong> Anonymous <em>on | off</em><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Default:</strong> <code>Anonymous_VerifyEmail off</code><br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<strong>Context:</strong> directory, .htaccess<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen When set 'on' the 'password' entered is
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen checked for at least one '@' and a '.' to encourage users to enter
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen valid email addresses (see the above <code>Auth_LogEmail</code>).
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenThe example below (when combined with the Auth directives
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenof a htpasswd-file based (or GDM, mSQL etc) base access
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainencontrol system allows users in as 'guests' with the
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenfollowing properties:
a10ed8c47534b4c6b6bf2711ccfe577e720a47b4Timo SirainenIt insists that the user enters a userId. (<code>Anonymous_NoUserId</code>)
a10ed8c47534b4c6b6bf2711ccfe577e720a47b4Timo SirainenIt insists that the user enters a password. (<code>Anonymous_MustGiveEmail</code>)
4a0641e1ff10f0b0299fd36baf38057c54268e48Timo SirainenThe password entered must be a valid email address, ie. contain at least one '@' and a '.'.
57593ca3c443884bac880b8deff7c0655ddd9a30Timo SirainenThe userID must be one of <code>anonymous guest www test welcome</code>
4a0641e1ff10f0b0299fd36baf38057c54268e48Timo Sirainen<code><directory /web/docs/public></code>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnd the Email addresses entered in the passswd field are logged to
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenthe httpd-log file
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnonymous anonymous guest www test welcome<p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnonymous_MustGiveEmail on<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnonymous_VerifyEmail on<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnonymous_NoUserId off<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAnonymous_LogEmail on<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAuthName Use 'anonymous' & Email address for guest entry<br>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenAuthType basic<p>
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo Sirainen<h2><a name="CompileTimeOptions">Compile Time Options</a></h2>
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo SirainenCurrently there are no Compile options.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><a name="RevisionHistory">Revision History</a></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenThis version: 23 Nov 1995, 24 Feb 1996, 16 May 1996.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen <dd>First release
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen <dd>Added 'VerifyEmail' and 'LogEmail' options. Multiple
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen 'anonymous' tokens allowed. more docs. Added Authoritative
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen functionality.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2><a name="Person">Contact/person to blame</a></h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenThis module was written for the
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<a href="http://ewse.ceo.org">European Wide Service Exchange</a> by
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<<a href="mailto:Dirk.vanGulik@jrc.it"><code>Dirk.vanGulik@jrc.it</code></a>>.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenFeel free to contact me if you have any problems, ice-creams or bugs. This
7c849dbc7be089175c1a83a84ee7249ed695810dTimo Sirainendocumentation, courtesy of Nick Himba, <a href="mailto:himba@cs.utwente.nl">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo SirainenThe source code can be found at <a href="http://www.apache.org"><code>
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainenhttp://www.apache.org</code></a>. A snapshot of a development version
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainenusually resides at <a href="http://me-www.jrc.it/~dirkx/mod_auth_anon.c"><code>
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainenhttp://me-www.jrc.it/~dirkx/mod_auth_anon.c</code></a>. Please make sure
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainenthat you always quote the version you use when filing a bug report.
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainen<!--#include virtual="footer.html" -->