mod_auth_basic.html.en revision e32acaab1dda74d937a24fac7840058dbd7f77a2
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>mod_auth_basic - Apache HTTP Server</title>
<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<body>
<div id="page-header">
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="/faq/">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.1</p>
<div id="path">
<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.1</a> > <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_auth_basic</h1>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Basic authentication</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>auth_basic_module</td></tr>
<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table>
<h3>Summary</h3>
<p>This module allows the use of HTTP Basic Authentication to
restrict access by looking up users in the given providers.
HTTP Digest Authentication is provided by
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="/images/down.gif" /> <a href="#authbasicauthoritative">AuthBasicAuthoritative</a></li>
</ul>
<h3>See also</h3>
<ul class="seealso">
</ul></div>
<div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether authorization and authentication are passed to
lower level modules</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthBasicAuthoritative On|Off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthBasicAuthoritative On</code></td></tr>
</table>
<p>Setting the <code class="directive">AuthBasicAuthoritative</code> directive
explicitly to <code>Off</code> allows for both
authentication and authorization to be passed on to lower level
<strong>no userID</strong> or <strong>rule</strong> matching the
password and access checks will be applied and a failure will give
an "Authentication Required" reply.</p>
<p>So if a userID appears in the database of more than one module;
directive applies to more than one module; then the first module
will verify the credentials; and no access is passed on;
regardless of the <code class="directive">AuthBasicAuthoritative</code>
setting.</p>
<p>By default control is not passed on and an unknown userID or
rule will result in an "Authentication Required" reply. Not setting
it thus keeps the system secure and forces an NCSA compliant
behaviour.</p>
</div>
<div class="directive-section"><h2><a name="AuthBasicProvider" id="AuthBasicProvider">AuthBasicProvider</a> <a name="authbasicprovider" id="authbasicprovider">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the authentication provider(s) for this location</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthBasicProvider On|Off|<var>provider-name</var>
[<var>provider-name</var>] ...</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthBasicProvider On</code></td></tr>
</table>
<p>The <code class="directive">AuthBasicProvider</code> directive sets
which provider is used to authenticate the users for this location.
Setting the value to <code>On</code> will choose the default provider
(<code>file</code>). Since the <code>file</code> provider is implemented
by the <code class="module"><a href="/mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
that the module is present in the server.</p>
<div class="example"><h3>Example</h3><p><code>
<Location /secure><br />
<span class="indent">
AuthBasicProvider dbm<br />
AuthDBMType SDBM<br />
Require valid-user<br />
</span>
</Location>
</code></p></div>
<p>See <code class="module"><a href="/mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="/mod/mod_authn_file.html">mod_authn_file</a></code>
for providers.</p>
<p>The value <code>Off</code> clears the provider list and sets it back
to the default.</p>
</div>
</div>
<div id="footer">
<p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p>
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="/faq/">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div>
</body></html>