mod_authn_dbm.xml revision 169280c7e65362d4ed444ec262c3f22a6a280166
bc6f4c1c4c1b739fd06d2de05b77b9d08c4d8a5aTinderbox User<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews<modulesynopsis>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<description>User authentication using DBM files</description>
c1a72112b2391bd8f149c5f19bdb12fa0d39fef4Mark Andrews<compatibility>Available in Apache 2.1 and later</compatibility>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <p>This module provides authentication front-ends such as
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <module>mod_auth_digest</module> and <module>mod_auth_basic</module>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt to authenticate users by looking up users in plain text password files.
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt Similar functionality is provided by <module>mod_authn_file</module>.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <module>mod_auth_digest</module>, this module is invoked via the
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <directive module="mod_auth_basic">AuthBasicProvider</directive> or
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <directive module="mod_auth_digest">AuthDigestProvider</directive>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt with the 'dbm' value.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<seealso><directive module="core">AuthName</directive></seealso>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<seealso><directive module="core">AuthType</directive></seealso>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <directive module="mod_auth_basic">AuthBasicProvider</directive>
bc6f4c1c4c1b739fd06d2de05b77b9d08c4d8a5aTinderbox User <directive module="mod_auth_digest">AuthDigestProvider</directive>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<directivesynopsis>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<description>Sets the name of a database file containing the list of users and
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Huntpasswords for authentication</description>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<syntax>AuthDBMUserFile <em>file-path</em></syntax>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<contextlist>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt</contextlist>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <p>The <directive>AuthDBMUserFile</directive> directive sets the
c1a72112b2391bd8f149c5f19bdb12fa0d39fef4Mark Andrews name of a DBM file containing the list of users and passwords for
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt user authentication. <em>File-path</em> is the absolute path to
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt the user file.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <p>The user file is keyed on the username. The value for a user is
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt the <code>crypt()</code> encrypted password, optionally followed
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt by a colon and arbitrary data. The colon and the data following it
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt will be ignored by the server.</p>
2616416a677634e01cea98a07d45c305cce8274aMark Andrews <p>Security: make sure that the
2616416a677634e01cea98a07d45c305cce8274aMark Andrews <directive>AuthDBMUserFile</directive> is stored outside the
2616416a677634e01cea98a07d45c305cce8274aMark Andrews document tree of the web-server; do <em>not</em> put it in the
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt directory that it protects. Otherwise, clients will be able to
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt download the <directive>AuthDBMUserFile</directive>.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <p>Important compatibility note: The implementation of
2be9d18ee9bd1b4eec4720218e4f43352603291fMark Andrews "dbmopen" in the apache modules reads the string length of the
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt hashed values from the DBM data structures, rather than relying
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt upon the string being NULL-appended. Some applications, such as
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt the Netscape web server, rely upon the string being
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt NULL-appended, so if you are having trouble using DBM files
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt interchangeably between applications this may be a part of the
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt problem.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <p>A perl script called
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt <a href="/programs/dbmmanage.html">dbmmanage</a> is included with
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt Apache. This program can be used to create and update DBM
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt format password files for use with this module.</p>
86f221492f6f6b71c1114e3edba7373aa93d906bMark Andrews</directivesynopsis>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<directivesynopsis>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<description>Sets the type of database file that is used to
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Huntstore passwords</description>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<syntax>AuthDBMType default|SDBM|GDBM|NDBM|DB</syntax>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<contextlist>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt</contextlist>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<compatibility>Available in version 2.0.30 and later.</compatibility>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<p>Sets the type of database file that is used to store the passwords.
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan HuntThe default database type is determined at compile time. The
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Huntavailability of other types of database files also depends on
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<a href="/install.html#dbm">compile-time settings</a>.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<p>It is crucial that whatever program you use to create your password
86f221492f6f6b71c1114e3edba7373aa93d906bMark Andrewsfiles is configured to use the same type of database.</p>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt</directivesynopsis>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt</modulesynopsis>