mod_auth_basic.xml revision 6fbd2e53c97ea6976d93e0ac521adabc55e0fb73
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
6fbd2e53c97ea6976d93e0ac521adabc55e0fb73nd Copyright 2002-2004 The Apache Software Foundation
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Licensed under the Apache License, Version 2.0 (the "License");
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd you may not use this file except in compliance with the License.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
169280c7e65362d4ed444ec262c3f22a6a280166nd<compatibility>Available in Apache 2.1 and later</compatibility>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>This module allows the use of HTTP Basic Authentication to
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz restrict access by looking up users in the given providers.
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz HTTP Digest Authentication is provided by
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthName</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthType</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<description>Sets the authentication provider(s) for this location</description>
f07998c217193b829f55c5ca8f4313ad5ba28f84nd<contextlist><context>directory</context><context>.htaccess</context>
f07998c217193b829f55c5ca8f4313ad5ba28f84nd</contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>The <directive>AuthBasicProvider</directive> directive sets
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd which provider is used to authenticate the users for this location.
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd Setting the value to <code>On</code> will choose the default provider
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd (<code>file</code>). Since the <code>file</code> provider is implemented
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd by the <module>mod_authn_file</module> module, you have to make sure,
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd that the module is present in the server.</p>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <Location /secure><br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd AuthBasicProvider dbm<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd AuthDBMType SDBM<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd Require valid-user<br />
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd </Location>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd </example>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <p>See <module>mod_authn_dbm</module> and <module>mod_authn_file</module>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz for providers.</p>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <p>The value <code>Off</code> clears the provider list and sets it back
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd to the default.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd<description>Sets whether authorization and authentication are passed to
35ffb30f57f777dbf3f17c5a5ddf706559942c16ndlower level modules</description>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd<contextlist><context>directory</context><context>.htaccess</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>Setting the <directive>AuthBasicAuthoritative</directive> directive
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz authentication and authorization to be passed on to lower level
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd modules (as defined in the <code>modules.c</code> files) if there is
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <strong>no userID</strong> or <strong>rule</strong> matching the
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd supplied userID. If there is a userID and/or rule specified, the usual
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz password and access checks will be applied and a failure will give
e32acaab1dda74d937a24fac7840058dbd7f77a2nd an "Authentication Required" reply.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz <p>So if a userID appears in the database of more than one module;
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz or if a valid <directive module="core">Require</directive>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz directive applies to more than one module; then the first module
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz will verify the credentials; and no access is passed on;
e32acaab1dda74d937a24fac7840058dbd7f77a2nd regardless of the <directive>AuthBasicAuthoritative</directive>
e32acaab1dda74d937a24fac7840058dbd7f77a2nd setting.</p>
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd <p>By default control is not passed on and an unknown userID or
e32acaab1dda74d937a24fac7840058dbd7f77a2nd rule will result in an "Authentication Required" reply. Not setting
35ffb30f57f777dbf3f17c5a5ddf706559942c16nd it thus keeps the system secure and forces an NCSA compliant
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz behaviour.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</modulesynopsis>