mod_auth_basic.xml revision 3604deb3632beeca54cfdb3864d872715971c300
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
08cb74ca432a8c24e39f17dedce527e6a47b8001jerenkrantz Copyright 2002-2005 The Apache Software Foundation or its licensors, as
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Licensed under the Apache License, Version 2.0 (the "License");
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd you may not use this file except in compliance with the License.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
169280c7e65362d4ed444ec262c3f22a6a280166nd<compatibility>Available in Apache 2.1 and later</compatibility>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>This module allows the use of HTTP Basic Authentication to
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz restrict access by looking up users in the given providers.
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz HTTP Digest Authentication is provided by
3604deb3632beeca54cfdb3864d872715971c300slive usually be combined with at least one authentication module
3604deb3632beeca54cfdb3864d872715971c300slive such as <module>mod_authn_file</module> and one authorization
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthName</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthType</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<description>Sets the authentication provider(s) for this location</description>
f07998c217193b829f55c5ca8f4313ad5ba28f84nd<contextlist><context>directory</context><context>.htaccess</context>
f07998c217193b829f55c5ca8f4313ad5ba28f84nd</contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>The <directive>AuthBasicProvider</directive> directive sets
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd which provider is used to authenticate the users for this location.
3604deb3632beeca54cfdb3864d872715971c300slive by the <module>mod_authn_file</module> module. Make sure
3604deb3632beeca54cfdb3864d872715971c300slive that the chosen provider module is present in the server.</p>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <Location /secure><br />
3604deb3632beeca54cfdb3864d872715971c300slive AuthType basic<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd AuthBasicProvider dbm<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd AuthDBMType SDBM<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd Require valid-user<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd </Location>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd </example>
3604deb3632beeca54cfdb3864d872715971c300slive <p>Providers are implemented by <module>mod_authn_dbm</module>,
3604deb3632beeca54cfdb3864d872715971c300slive <module>mod_authn_file</module>, <module>mod_authn_dbd</module>,
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd<description>Sets whether authorization and authentication are passed to
35ffb30f57f777dbf3f17c5a5ddf706559942c16ndlower level modules</description>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd<contextlist><context>directory</context><context>.htaccess</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</contextlist>
3604deb3632beeca54cfdb3864d872715971c300slive <p>Normally, each authorization module listed in <directive
3604deb3632beeca54cfdb3864d872715971c300slive module="mod_auth_basic">AuthBasicProvider</directive> will attempt
3604deb3632beeca54cfdb3864d872715971c300slive to verify the user, and if the user is not found in any provider,
3604deb3632beeca54cfdb3864d872715971c300slive access will be denied. Setting the
3604deb3632beeca54cfdb3864d872715971c300slive <directive>AuthBasicAuthoritative</directive> directive explicitly
3604deb3632beeca54cfdb3864d872715971c300slive to <code>Off</code> allows for both authentication and
3604deb3632beeca54cfdb3864d872715971c300slive authorization to be passed on to other non-provider-based modules
3604deb3632beeca54cfdb3864d872715971c300slive if there is <strong>no userID</strong> or <strong>rule</strong>
3604deb3632beeca54cfdb3864d872715971c300slive matching the supplied userID. This should only be necessary when
3604deb3632beeca54cfdb3864d872715971c300slive combining <module>mod_auth_basic</module> with third-party modules
3604deb3632beeca54cfdb3864d872715971c300slive that are not configured with the <directive
3604deb3632beeca54cfdb3864d872715971c300slive directive. When using such modules, the order of processing
3604deb3632beeca54cfdb3864d872715971c300slive is determined in the modules' source code and is not configurable.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</modulesynopsis>