manual/mod/mod_auth_basic.xml

	mod_auth_basic.xml revision 41618b507c149c7adf89bd92a0cc2c6962a29dcf
97a9a944b5887e91042b019776c41d5dd74557aferikabele<?xml version="1.0"?>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
97a9a944b5887e91042b019776c41d5dd74557aferikabele<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive<!-- $LastChangedRevision$ -->
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive<!--
b8eb5469f098e41d327cd962df6ec27baeb96987dpejesh Licensed to the Apache Software Foundation (ASF) under one or more
06ba4a61654b3763ad65f52283832ebf058fdf1cslive contributor license agreements.  See the NOTICE file distributed with
06ba4a61654b3763ad65f52283832ebf058fdf1cslive this work for additional information regarding copyright ownership.
06ba4a61654b3763ad65f52283832ebf058fdf1cslive The ASF licenses this file to You under the Apache License, Version 2.0
06ba4a61654b3763ad65f52283832ebf058fdf1cslive (the "License"); you may not use this file except in compliance with
06ba4a61654b3763ad65f52283832ebf058fdf1cslive the License.  You may obtain a copy of the License at
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
97a9a944b5887e91042b019776c41d5dd74557aferikabele     http://www.apache.org/licenses/LICENSE-2.0
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive Unless required by applicable law or agreed to in writing, software
06ba4a61654b3763ad65f52283832ebf058fdf1cslive distributed under the License is distributed on an "AS IS" BASIS,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
06ba4a61654b3763ad65f52283832ebf058fdf1cslive See the License for the specific language governing permissions and
06ba4a61654b3763ad65f52283832ebf058fdf1cslive limitations under the License.
97a9a944b5887e91042b019776c41d5dd74557aferikabele-->
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<modulesynopsis metafile="mod_auth_basic.xml.meta">
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<name>mod_auth_basic</name>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<description>Basic authentication</description>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<status>Base</status>
9055fd62575727607003ca8a9ab1cdb4a4ae4407slive<sourcefile>mod_auth_basic.c</sourcefile>
9055fd62575727607003ca8a9ab1cdb4a4ae4407slive<identifier>auth_basic_module</identifier>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<compatibility>Available in Apache 2.1 and later</compatibility>
f35c904c3b359610a46e94fbb4ba8495b2338521slive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<summary>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive    <p>This module allows the use of HTTP Basic Authentication to
06ba4a61654b3763ad65f52283832ebf058fdf1cslive    restrict access by looking up users in the given providers.
9a52ca75f20eaedc9a5eeb9b7e803247cf3d0ec1rbowen    HTTP Digest Authentication is provided by
9a52ca75f20eaedc9a5eeb9b7e803247cf3d0ec1rbowen    <module>mod_auth_digest</module>.  This module should
06ba4a61654b3763ad65f52283832ebf058fdf1cslive    usually be combined with at least one authentication module
06ba4a61654b3763ad65f52283832ebf058fdf1cslive    such as <module>mod_authn_file</module> and one authorization
06ba4a61654b3763ad65f52283832ebf058fdf1cslive    module such as <module>mod_authz_user</module>.</p>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive</summary>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<seealso><directive module="mod_authn_core">AuthName</directive></seealso>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<seealso><directive module="mod_authn_core">AuthType</directive></seealso>
c3ff7979929443ce8cbc881239f6cf130b4e256aslive<seealso><directive module="mod_authz_core">Require</directive></seealso>
c3ff7979929443ce8cbc881239f6cf130b4e256aslive<seealso><directive module="mod_authz_core">Match</directive></seealso>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<seealso><a href="/howto/auth.html">Authentication howto</a></seealso>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<directivesynopsis>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<name>AuthBasicProvider</name>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<description>Sets the authentication provider(s) for this location</description>
5bf90772244e08b493f008381645dd3704417d40yoshiki<syntax>AuthBasicProvider <var>provider-name</var>
5bf90772244e08b493f008381645dd3704417d40yoshiki[<var>provider-name</var>] ...</syntax>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<default>AuthBasicProvider file</default>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<contextlist><context>directory</context><context>.htaccess</context>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive</contextlist>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive<override>AuthConfig</override>
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
5bf90772244e08b493f008381645dd3704417d40yoshiki<usage>
5bf90772244e08b493f008381645dd3704417d40yoshiki    <p>The <directive>AuthBasicProvider</directive> directive sets
5bf90772244e08b493f008381645dd3704417d40yoshiki    which provider is used to authenticate the users for this location.
97a9a944b5887e91042b019776c41d5dd74557aferikabele    The default <code>file</code> provider is implemented
    by the <module>mod_authn_file</module> module.  Make sure
    that the chosen provider module is present in the server.</p>

    <example><title>Example</title>
      &lt;Location /secure&gt;<br />
      <indent>
        AuthType basic<br />
        AuthName "private area"<br />
        AuthBasicProvider  dbm<br />
        AuthDBMType        SDBM<br />
        AuthDBMUserFile    /www/etc/dbmpasswd<br />
        Require            valid-user<br />
      </indent>
      &lt;/Location&gt;
    </example>

    <p> Providers are queried in order until a provider finds a match
    for the requested username, at which point this sole provider will
    attempt to check the password.  A failure to verify the password does
    not result in control being passed on to subsequent providers.</p>

    <p>Providers are implemented by <module>mod_authn_dbm</module>,
    <module>mod_authn_file</module>, <module>mod_authn_dbd</module>,
    and <module>mod_authnz_ldap</module>.</p>
</usage>
</directivesynopsis>

<directivesynopsis>
<name>AuthBasicAuthoritative</name>
<description>Sets whether authorization and authentication are passed to
lower level modules</description>
<syntax>AuthBasicAuthoritative On|Off</syntax>
<default>AuthBasicAuthoritative On</default>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>

<usage>
    <p>Normally, each authorization module listed in <directive
    module="mod_auth_basic">AuthBasicProvider</directive> will attempt
    to verify the user, and if the user is not found in any provider,
    access will be denied. Setting the
    <directive>AuthBasicAuthoritative</directive> directive explicitly
    to <code>Off</code> allows for both authentication and
    authorization to be passed on to other non-provider-based modules
    if there is <strong>no userID</strong> or <strong>rule</strong>
    matching the supplied userID.  This should only be necessary when
    combining <module>mod_auth_basic</module> with third-party modules
    that are not configured with the <directive
    module="mod_auth_basic">AuthBasicProvider</directive>
    directive.  When using such modules, the order of processing
    is determined in the modules' source code and is not configurable.</p>
</usage>
</directivesynopsis>

</modulesynopsis>