2N/A<!
DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
2N/A<!-- Background white, links blue (unvisited), navy (visited), red (active) --> 2N/A<
H1 ALIGN="CENTER">Module mod_auth_anon</
H1>
2N/Ais not compiled in by default. It is only available in Apache 1.1 and
2N/Alater. It allows "anonymous" user access to authenticated areas.
2N/AIt does access control in a manner similar to anonymous-ftp sites; <
EM>
i.e.</
EM>
2N/Ahave a 'magic' user id 'anonymous' and the email address as a password.
2N/AThese email addresses can be logged.
2N/ACombined with other (database) access control methods, this allows for
2N/Aeffective user tracking and customization according to a user profile
2N/Awhile still keeping the site open for 'unregistered' users. One advantage
2N/Aof using Auth-based user tracking is that, unlike magic-cookies and
2N/Aallows users to share URLs.
2N/A<
A HREF="#Directives">Directives</
A> /
2N/A<
A HREF="#Example">Example</
A> /
2N/A<
A HREF="#CompileTimeOptions">Compile time options</
A> /
2N/A<
H2><
A NAME="Directives">Directives</
A></
H2>
2N/A<
LI><
A HREF="#anonymous">Anonymous</
A>
2N/A<
LI><
A HREF="#Authoritative">Anonymous_Authoritative</
A>
2N/A<
LI><
A HREF="#LogEmail">Anonymous_LogEmail</
A>
2N/A<
LI><
A HREF="#MustGiveEmail">Anonymous_MustGiveEmail</
A>
2N/A<
LI><
A HREF="#NoUserID">Anonymous_NoUserID</
A>
2N/A<
LI><
A HREF="#VerifyEmail">Anonymous_VerifyEmail</
A>
2N/A<
H2><
A NAME="anonymous">Anonymous directive</
A></
H2>
2N/A<!--%plaintext <?INDEX {\tt Anonymous} directive> --> 2N/A><
STRONG>Syntax:</
STRONG></
A> Anonymous <
EM>user user ...</
EM><
BR>
2N/A><
STRONG>Default:</
STRONG></
A> none<
BR>
2N/A><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
2N/A><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
A list of one or more 'magic' userIDs which are allowed access
without password verification. The userIDs are space separated.
It is possible to use the ' and " quotes to allow a space in
a userID as well as the \ escape character.
Please note that the comparison is <
STRONG>case-IN-sensitive</
STRONG>.
I strongly suggest that the magic username '<
CODE>anonymous</
CODE>'
is always one of the allowed userIDs.
Anonymous anonymous "Not Registered" 'I don\'t know'
This would allow the user to enter without password verification
by using the userId's 'anonymous', 'AnonyMous','Not Registered' and
<
H2><
A NAME="Authoritative">Anonymous_Authoritative directive</
A></
H2>
><
STRONG>Syntax:</
STRONG></
A> Anonymous_Authoritative <
EM>on | off</
EM><
BR>
><
STRONG>Default:</
STRONG></
A> <
CODE>Anonymous_Authoritative off</
CODE><
BR>
><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
When set 'on', there is no
fall-through to other authorization methods. So if a
userID does not match the values specified in the
<
CODE>Anonymous</
CODE> directive, access is denied.
Be sure you know what you are doing when you decide to switch
it on. And remember that it is the linking order of the modules
(in the Configuration / Make file) which details the order
in which the Authorization modules are queried.
<
H2><
A NAME="LogEmail">Anonymous_LogEmail directive</
A></
H2>
><
STRONG>Syntax:</
STRONG></
A> Anonymous_LogEmail <
EM>on | off</
EM><
BR>
><
STRONG>Default:</
STRONG></
A> <
CODE>Anonymous_LogEmail on</
CODE><
BR>
><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
When set 'on', the default, the 'password' entered (which hopefully
contains a sensible email address) is logged in the error log.
<
H2><
A NAME="MustGiveEmail">Anonymous_MustGiveEmail directive</
A></
H2>
<!--%plaintext <?INDEX {\tt Anonymous_MustGiveEmail} directive> --> ><
STRONG>Syntax:</
STRONG></
A> Anonymous_MustGiveEmail <
EM>on</
EM>
><
STRONG>Default:</
STRONG></
A> <
CODE>Anonymous_MustGiveEmail on</
CODE><
BR>
><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
Specifies whether the user must specify an email
address as the password. This prohibits blank passwords.
<
H2><
A NAME="NoUserID">Anonymous_NoUserID directive</
A></
H2>
><
STRONG>Syntax:</
STRONG></
A> Anonymous_NoUserID <
EM>on | off</
EM><
BR>
><
STRONG>Default:</
STRONG></
A> <
CODE>Anonymous_NoUserID off</
CODE><
BR>
><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
When set 'on', users can leave
the userID (and perhaps the password field) empty. This
can be very convenient for MS-Explorer users who can
just hit return or click directly on the OK button; which
seems a natural reaction.
<
H2><
A NAME="VerifyEmail">Anonymous_VerifyEmail directive</
A></
H2>
><
STRONG>Syntax:</
STRONG></
A> Anonymous_VerifyEmail <
EM>on | off</
EM><
BR>
><
STRONG>Default:</
STRONG></
A> <
CODE>Anonymous_VerifyEmail off</
CODE><
BR>
><
STRONG>Context:</
STRONG></
A> directory, .htaccess<
BR>
><
STRONG>Override:</
STRONG></
A> AuthConfig<
BR>
><
STRONG>Status:</
STRONG></
A> Extension<
BR>
><
STRONG>Module:</
STRONG></
A> mod_auth_anon<
P>
When set 'on' the 'password' entered is
checked for at least one '@' and a '.' to encourage users to enter
valid email addresses (see the above <
CODE>Auth_LogEmail</
CODE>).
<
H2><
A NAME="Example">Example</
A></
H2>
The example below (when combined with the Auth directives
of a htpasswd-file based (or GDM, mSQL <
EM>etc.</
EM>) base access
control system allows users in as 'guests' with the
It insists that the user enters a userId. (<
CODE>Anonymous_NoUserId</
CODE>)
It insists that the user enters a password.
(<
CODE>Anonymous_MustGiveEmail</
CODE>)
The password entered must be a valid email address, ie. contain at least one
'@' and a '.'. (<
CODE>Anonymous_VerifyEmail</
CODE>)
The userID must be one of <
CODE>anonymous guest www test welcome</
CODE>
and comparison is <
STRONG>not</
STRONG> case sensitive.
And the Email addresses entered in the passwd field are logged to
(<
CODE>Anonymous_LogEmail</
CODE>)
Anonymous_NoUserId off<
BR>
Anonymous_MustGiveEmail on<
BR>
Anonymous_VerifyEmail on<
BR>
Anonymous_LogEmail on<
BR>
Anonymous anonymous guest www test welcome<
P>
AuthName "Use 'anonymous' & Email address for guest entry"<
BR>
# directive must be specified, or use<
BR>
# Anonymous_Authoritative for public access.<
BR>
# In the .htaccess for the public directory, add:<
BR>
<
H2><
A NAME="CompileTimeOptions">Compile Time Options</
A></
H2>
Currently there are no Compile options.