manual/mod/mod_auth_basic.xml

	mod_auth_basic.xml revision f43ed9051a7f4db461d67ed4f7ece175b3dbca7c
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<?xml version="1.0"?>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<modulesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<name>mod_auth_basic</name>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<description>Basic authentication</description>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<status>Base</status>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<sourcefile>mod_auth_basic.c</sourcefile>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<identifier>auth_basic_module</identifier>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<compatibility>Available in Apache 2.0.42 and later</compatibility>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<summary>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>This module allows the use of HTTP Basic Authentication to
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    restrict access by looking up users in the given providers.
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    HTTP Digest Authentication is provided by
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <module>mod_auth_digest</module>.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</summary>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthName</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<seealso><directive module="core">AuthType</directive></seealso>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<name>AuthBasicProvider</name>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<description>Sets the authentication provider(s) for this location</description>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<syntax>AuthBasicProvider <em>provider-name</em></syntax>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz  <context>directory</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz  <context>location</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz  <context>.htaccess</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<override>AuthConfig</override>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<usage>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>The <directive>AuthBasicProvider</directive> directive sets
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    which provider is used to authenticate the users for this location.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>See <module>mod_authn_dbm</module>, <module>mod_authn_file</module>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    for providers.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</usage>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<name>AuthBasicAuthoritative</name>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<description>Sets whether authorization and authentication are
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantzpassed to lower level modules</description>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<syntax>AuthBasicAuthoritative on|off</syntax>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<default>AuthBasicAuthoritative on</default>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz  <context>directory</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz  <context>.htaccess</context>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</contextlist>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<override>AuthConfig</override>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz<usage>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>Setting the <directive>AuthBasicAuthoritative</directive> directive
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    explicitly to <strong>'off'</strong> allows for both
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    authentication and authorization to be passed on to lower level
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    modules (as defined in the <code>Configuration</code> and
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <code>modules.c</code> files) if there is <strong>no
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    userID</strong> or <strong>rule</strong> matching the supplied
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    userID. If there is a userID and/or rule specified; the usual
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    password and access checks will be applied and a failure will give
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    an Authorization Required reply.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>So if a userID appears in the database of more than one module;
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    or if a valid <directive module="core">Require</directive>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    directive applies to more than one module; then the first module
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    will verify the credentials; and no access is passed on;
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    regardless of the AuthAuthoritative setting.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    <p>By default; control is not passed on; and an unknown userID or
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    rule will result in an Authorization Required reply. Not setting
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    it thus keeps the system secure; and forces an NCSA compliant
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz    behaviour.</p>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</usage>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</directivesynopsis>
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz
f43ed9051a7f4db461d67ed4f7ece175b3dbca7cjerenkrantz</modulesynopsis>