mod_auth_basic.xml revision 5632f75dd34db0112cf4b6b7527eb538c80d976c
1d363c6830b1389bb442b3110e1b803f2a69c979slive<?xml version="1.0"?>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
1d363c6830b1389bb442b3110e1b803f2a69c979slive<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
1d363c6830b1389bb442b3110e1b803f2a69c979slive
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd<!--
6fbd2e53c97ea6976d93e0ac521adabc55e0fb73nd Licensed to the Apache Software Foundation (ASF) under one or more
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd contributor license agreements. See the NOTICE file distributed with
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd this work for additional information regarding copyright ownership.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd The ASF licenses this file to You under the Apache License, Version 2.0
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd (the "License"); you may not use this file except in compliance with
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd the License. You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd http://www.apache.org/licenses/LICENSE-2.0
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd-->
7db9f691a00ead175b03335457ca296a33ddf31bnd
1d363c6830b1389bb442b3110e1b803f2a69c979slive<modulesynopsis metafile="mod_auth_basic.xml.meta">
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<name>mod_auth_basic</name>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<description>Basic authentication</description>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<status>Base</status>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<sourcefile>mod_auth_basic.c</sourcefile>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<identifier>auth_basic_module</identifier>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<compatibility>Available in Apache 2.1 and later</compatibility>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<summary>
d14417cf5a8f5ea4c3e8fea35ec3e50fba770d17erikabele <p>This module allows the use of HTTP Basic Authentication to
1d363c6830b1389bb442b3110e1b803f2a69c979slive restrict access by looking up users in the given providers.
1d363c6830b1389bb442b3110e1b803f2a69c979slive HTTP Digest Authentication is provided by
1d363c6830b1389bb442b3110e1b803f2a69c979slive <module>mod_auth_digest</module>. This module should
1d363c6830b1389bb442b3110e1b803f2a69c979slive usually be combined with at least one authentication module
1d363c6830b1389bb442b3110e1b803f2a69c979slive such as <module>mod_authn_file</module> and one authorization
1d363c6830b1389bb442b3110e1b803f2a69c979slive module such as <module>mod_authz_user</module>.</p>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</summary>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<seealso><directive module="mod_authn_core">AuthName</directive></seealso>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<seealso><directive module="mod_authn_core">AuthType</directive></seealso>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<seealso><directive module="mod_authz_core">Require</directive></seealso>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<seealso><directive module="mod_authz_core">Match</directive></seealso>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<seealso><a href="/howto/auth.html">Authentication howto</a></seealso>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<directivesynopsis>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<name>AuthBasicProvider</name>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<description>Sets the authentication provider(s) for this location</description>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<syntax>AuthBasicProvider <var>provider-name</var>
1d363c6830b1389bb442b3110e1b803f2a69c979slive[<var>provider-name</var>] ...</syntax>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<default>AuthBasicProvider file</default>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<contextlist><context>directory</context><context>.htaccess</context>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</contextlist>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<override>AuthConfig</override>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<usage>
1d363c6830b1389bb442b3110e1b803f2a69c979slive <p>The <directive>AuthBasicProvider</directive> directive sets
1d363c6830b1389bb442b3110e1b803f2a69c979slive which provider is used to authenticate the users for this location.
1d363c6830b1389bb442b3110e1b803f2a69c979slive The default <code>file</code> provider is implemented
1d363c6830b1389bb442b3110e1b803f2a69c979slive by the <module>mod_authn_file</module> module. Make sure
1d363c6830b1389bb442b3110e1b803f2a69c979slive that the chosen provider module is present in the server.</p>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive <example><title>Example</title>
1d363c6830b1389bb442b3110e1b803f2a69c979slive &lt;Location /secure&gt;<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive <indent>
1d363c6830b1389bb442b3110e1b803f2a69c979slive AuthType basic<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive AuthName "private area"<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive AuthBasicProvider dbm<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive AuthDBMType SDBM<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive AuthDBMUserFile /www/etc/dbmpasswd<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive Require valid-user<br />
1d363c6830b1389bb442b3110e1b803f2a69c979slive </indent>
1d363c6830b1389bb442b3110e1b803f2a69c979slive &lt;/Location&gt;
1d363c6830b1389bb442b3110e1b803f2a69c979slive </example>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive <p> Providers are queried in order until a provider finds a match
1d363c6830b1389bb442b3110e1b803f2a69c979slive for the requested username, at which point this sole provider will
1d363c6830b1389bb442b3110e1b803f2a69c979slive attempt to check the password. A failure to verify the password does
1d363c6830b1389bb442b3110e1b803f2a69c979slive not result in control being passed on to subsequent providers.</p>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive <p>Providers are implemented by <module>mod_authn_dbm</module>,
1d363c6830b1389bb442b3110e1b803f2a69c979slive <module>mod_authn_file</module>, <module>mod_authn_dbd</module>,
1d363c6830b1389bb442b3110e1b803f2a69c979slive <module>mod_authnz_ldap</module> and <module>mod_authn_socache</module>.</p>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</usage>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</directivesynopsis>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<directivesynopsis>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<name>AuthBasicAuthoritative</name>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<description>Sets whether authorization and authentication are passed to
1d363c6830b1389bb442b3110e1b803f2a69c979slivelower level modules</description>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<syntax>AuthBasicAuthoritative On|Off</syntax>
1d363c6830b1389bb442b3110e1b803f2a69c979slive<default>AuthBasicAuthoritative On</default>
88578e18144a237152b29ae3fc32ff6fae93f5d4slive<contextlist><context>directory</context><context>.htaccess</context>
88578e18144a237152b29ae3fc32ff6fae93f5d4slive</contextlist>
88578e18144a237152b29ae3fc32ff6fae93f5d4slive<override>AuthConfig</override>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive<usage>
1d363c6830b1389bb442b3110e1b803f2a69c979slive <p>Normally, each authorization module listed in <directive
1d363c6830b1389bb442b3110e1b803f2a69c979slive module="mod_auth_basic">AuthBasicProvider</directive> will attempt
1d363c6830b1389bb442b3110e1b803f2a69c979slive to verify the user, and if the user is not found in any provider,
1d363c6830b1389bb442b3110e1b803f2a69c979slive access will be denied. Setting the
1d363c6830b1389bb442b3110e1b803f2a69c979slive <directive>AuthBasicAuthoritative</directive> directive explicitly
1d363c6830b1389bb442b3110e1b803f2a69c979slive to <code>Off</code> allows for both authentication and
1d363c6830b1389bb442b3110e1b803f2a69c979slive authorization to be passed on to other non-provider-based modules
1d363c6830b1389bb442b3110e1b803f2a69c979slive if there is <strong>no userID</strong> or <strong>rule</strong>
1d363c6830b1389bb442b3110e1b803f2a69c979slive matching the supplied userID. This should only be necessary when
1d363c6830b1389bb442b3110e1b803f2a69c979slive combining <module>mod_auth_basic</module> with third-party modules
1d363c6830b1389bb442b3110e1b803f2a69c979slive that are not configured with the <directive
1d363c6830b1389bb442b3110e1b803f2a69c979slive module="mod_auth_basic">AuthBasicProvider</directive>
1d363c6830b1389bb442b3110e1b803f2a69c979slive directive. When using such modules, the order of processing
1d363c6830b1389bb442b3110e1b803f2a69c979slive is determined in the modules' source code and is not configurable.</p>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</usage>
1d363c6830b1389bb442b3110e1b803f2a69c979slive</directivesynopsis>
1d363c6830b1389bb442b3110e1b803f2a69c979slive
1d363c6830b1389bb442b3110e1b803f2a69c979slive</modulesynopsis>
1d363c6830b1389bb442b3110e1b803f2a69c979slive