0N/A<!
DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
0N/A<!-- Background white, links blue (unvisited), navy (visited), red (active) --> 0N/A<
H1 ALIGN="CENTER">Module mod_auth_anon</
H1>
0N/Ais not compiled in by default. It is only available in Apache 1.1 and
928N/Alater. It allows "anonymous" user access to authenticated areas.
0N/AIt does access control in a manner similar to anonymous-ftp sites;
i.e. 0N/Ahave a 'magic' user id 'anonymous' and the email address as a password.
0N/AThese email addresses can be logged.
0N/ACombined with other (database) access control methods, this allows for
0N/Aeffective user tracking and customization according to a user profile
58N/Awhile still keeping the site open for 'unregistered' users. One advantage
0N/Aof using Auth-based user tracking is that, unlike magic-cookies and
0N/Aallows users to share URLs.
0N/A<
A HREF="#Directives">Directives</
A> /
0N/A<
A HREF="#Example">Example</
A> /
0N/A<
A HREF="#CompileTimeOptions">Compile time options</
A> /
58N/A<
A HREF="#RevisionHistory">RevisionHistory</
A> /
99N/A<
A HREF="#Person">Person to blame</
A> /
99N/A<
A HREF="#Sourcecode">Sourcecode</
A>
99N/A<
h2><
A name="Directives">Directives</
A></
h2>
0N/A<
LI><
A HREF="#anonymous">Anonymous</
A>
0N/A<
LI><
A HREF="#Authoritative">Anonymous_Authoritative</
A>
0N/A<
LI><
A HREF="#LogEmail">Anonymous_LogEmail</
A>
0N/A<
LI><
A HREF="#MustGiveEmail">Anonymous_MustGiveEmail</
A>
0N/A<
LI><
A HREF="#NoUserID">Anonymous_NoUserID</
A>
0N/A<
LI><
A HREF="#VerifyEmail">Anonymous_VerifyEmail</
A>
0N/A<
h2><
A name="anonymous">Anonymous directive</
A></
h2>
58N/A<!--%plaintext <?INDEX {\tt Anonymous} directive> --> 207N/A<
STRONG>Syntax:</
STRONG> Anonymous <
EM>user user ...</
EM><
BR>
98N/A<
STRONG>Default:</
STRONG> none<
BR>
98N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
98N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
98N/A<
STRONG>Status:</
STRONG> Extension<
BR>
819N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
98N/A A list of one or more 'magic' userIDs which are allowed access
98N/A without password verification. The userIDs are space separated.
98N/A It is possible to use the ' and " quotes to allow a space in
98N/A a userID as well as the \ escape character.
98N/A Please note that the comparison is <
STRONG>case-IN-sensitive</
STRONG>.
830N/A I strongly suggest that the magic username '<
CODE>anonymous</
CODE>'
98N/A is always one of the allowed userIDs.
98N/A Anonymous anonymous "Not Registered" 'I don\'t know'
98N/A This would allow the user to enter without password verification
98N/A by using the userId's 'anonymous', 'AnonyMous','Not Registered' and
98N/A<
h2><
A name="Authoritative">Anonymous_Authoritative directive</
A></
h2>
819N/A<
STRONG>Syntax:</
STRONG> Anonymous_Authoritative <
EM>on | off</
EM><
BR>
819N/A<
STRONG>Default:</
STRONG> <
CODE>Anonymous_Authoritative off</
CODE><
BR>
98N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
98N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
98N/A<
STRONG>Status:</
STRONG> Extension<
BR>
98N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
830N/A When set 'on', there is no
58N/A fall-through to other authorization methods. So if a
830N/A userID does not match the values specified in the
0N/A <
CODE>Anonymous</
CODE> directive, access is denied.
0N/A Be sure you know what you are doing when you decide to switch
0N/A it on. And remember that it is the linking order of the modules
0N/A (in the Configuration / Make file) which details the order
0N/A in which the Authorization modules are queried.
0N/A<
h2><
A name="LogEmail">Anonymous_LogEmail directive</
A></
h2>
0N/A<
STRONG>Syntax:</
STRONG> Anonymous_LogEmail <
EM>on | off</
EM><
BR>
0N/A<
STRONG>Default:</
STRONG> <
CODE>Anonymous_LogEmail on</
CODE><
BR>
928N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
819N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
0N/A<
STRONG>Status:</
STRONG> Extension<
BR>
986N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
819N/A When set 'on', the default, the 'password' entered (which hopefully
0N/A contains a sensible email address) is logged in the httpd-log file.
830N/A<
h2><
A name="MustGiveEmail">Anonymous_MustGiveEmail directive</
A></
h2>
830N/A<!--%plaintext <?INDEX {\tt Anonymous_MustGiveEmail} directive> --> 819N/A<
STRONG>Syntax:</
STRONG> Anonymous_MustGiveEmail <
EM>on</
EM> | <
EM>off</
EM><
BR>
819N/A<
STRONG>Default:</
STRONG> <
CODE>Anonymous_MustGiveEmail on</
CODE><
BR>
819N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
928N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
819N/A<
STRONG>Status:</
STRONG> Extension<
BR>
0N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
986N/A Specifies whether the user must specify an email
986N/A address as the password. This prohibits blank passwords.
986N/A<
h2><
A name="NoUserID">Anonymous_NoUserID directive</
A></
h2>
0N/A<
STRONG>Syntax:</
STRONG> Anonymous_NoUserID <
EM>on | off</
EM><
BR>
58N/A<
STRONG>Default:</
STRONG> <
CODE>Anonymous_NoUserID off</
CODE><
BR>
0N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
0N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
0N/A<
STRONG>Status:</
STRONG> Extension<
BR>
0N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
0N/A When set 'on', users can leave
0N/A the userID (and perhaps the password field) empty. This
0N/A can be very convenient for MS-Explorer users who can
0N/A just hit return or click directly on the OK button; which
819N/A seems a natural reaction.
0N/A<
h2><
A name="VerifyEmail">Anonymous_VerifyEmail directive</
A></
h2>
0N/A<
STRONG>Syntax:</
STRONG> Anonymous_VerifyEmail <
EM>on | off</
EM><
BR>
947N/A<
STRONG>Default:</
STRONG> <
CODE>Anonymous_VerifyEmail off</
CODE><
BR>
986N/A<
STRONG>Context:</
STRONG> directory, .htaccess<
BR>
830N/A<
STRONG>Override:</
STRONG> AuthConfig<
BR>
207N/A<
STRONG>Status:</
STRONG> Extension<
BR>
207N/A<
STRONG>Module:</
STRONG> mod_auth_anon<
P>
207N/A When set 'on' the 'password' entered is
207N/A checked for at least one '@' and a '.' to encourage users to enter
207N/A valid email addresses (see the above <
CODE>Auth_LogEmail</
CODE>).
830N/A<
h2><
A name="Example">Example</
A></
h2>
830N/AThe example below (when combined with the Auth directives
830N/Aof a htpasswd-file based (or GDM, mSQL <
EM>etc.</
EM>) base access
830N/Acontrol system allows users in as 'guests' with the
830N/AIt insists that the user enters a userId. (<
CODE>Anonymous_NoUserId</
CODE>)
830N/AIt insists that the user enters a password. (<
CODE>Anonymous_MustGiveEmail</
CODE>)
830N/AThe password entered must be a valid email address, ie. contain at least one '@' and a '.'.
830N/A(<
CODE>Anonymous_VerifyEmail</
CODE>)
928N/AThe userID must be one of <
CODE>anonymous guest www test welcome</
CODE>
830N/Aand comparison is <
STRONG>not</
STRONG> case sensitive.
207N/AAnd the Email addresses entered in the passwd field are logged to
928N/A(<
CODE>Anonymous_LogEmail</
CODE>)
830N/AAnonymous_NoUserId off<
BR>
928N/AAnonymous_MustGiveEmail on<
BR>
819N/AAnonymous_VerifyEmail on<
BR>
928N/AAnonymous_LogEmail on<
BR>
819N/AAnonymous anonymous guest www test welcome<
P>
819N/AAuthName Use 'anonymous' & Email address for guest entry<
BR>
819N/A# directive must be specified, or use<
BR>
819N/A# Anonymous_Authoritative for public access.<
BR>
928N/A# In the .htaccess for the public directory, add:<
BR>
819N/A<
h2><
A name="CompileTimeOptions">Compile Time Options</
A></
h2>
819N/ACurrently there are no Compile options.
819N/A<
h2><
A name="RevisionHistory">Revision History</
A></
h2>
207N/AThis version: 23 Nov 1995, 24 Feb 1996, 16 May 1996.
819N/A<
DT>Version 0.4<
BR></
DT>
819N/A<
DT>Version 0.5<
BR></
DT>
207N/A <
DD>Added 'VerifyEmail' and 'LogEmail' options. Multiple
0N/A 'anonymous' tokens allowed. more docs. Added Authoritative
510N/AThis module was written for the
0N/A<<
A HREF="mailto:Dirk.vanGulik@jrc.it"><
CODE>Dirk.vanGulik@jrc.it</
CODE></
A>>.
0N/AFeel free to contact me if you have any problems, ice-creams or bugs. This
345N/Adocumentation, courtesy of Nick Himba, <
A HREF="mailto:himba@cs.utwente.nl">
0N/A<
CODE><himba@cs.utwente.nl></
CODE></
A>.
942N/A<
h2><
A NAME="Sourcecode">Sourcecode</
A></
h2>
946N/Athat you always quote the version you use when filing a bug report.