<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>mod_authn_file - Apache HTTP Server Version 2.5</title>
<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" />
</script>
<body>
<div id="page-header">
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.5</p>
<div id="path">
<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.5</a> > <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_authn_file</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="/en/mod/mod_authn_file.html" title="English"> en </a> |
<a href="/fr/mod/mod_authn_file.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> |
<a href="/ja/mod/mod_authn_file.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="/ko/mod/mod_authn_file.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using text files</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>authn_file_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_authn_file.c</td></tr></table>
<h3>Summary</h3>
<p>This module provides authentication front-ends such as
<code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code>
to authenticate users by looking up users in plain text password files.
Similar functionality is provided by <code class="module"><a href="/mod/mod_authn_dbm.html">mod_authn_dbm</a></code>.</p>
<code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
<code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
<code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
with the <code>file</code> value.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
</ul>
<h3>See also</h3>
<ul class="seealso">
<li>
<code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
</li>
<li>
<code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
</li>
</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of a text file containing the list of users and
passwords for authentication</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthUserFile <var>file-path</var></code></td></tr>
</table>
<p>The <code class="directive">AuthUserFile</code> directive sets the name
of a textual file containing the list of users and passwords for
user authentication. <var>File-path</var> is the path to the user
file. If it is not absolute, it is treated as relative to the
<p>Each line of the user file contains a username followed by
a colon, followed by the encrypted password. If the same user
ID is defined multiple times, <code class="module"><a href="/mod/mod_authn_file.html">mod_authn_file</a></code> will
use the first occurrence to verify the password.</p>
<p>The encrypted password format depends on which authentication
<code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used. See <a href="/misc/password_encryptions.html">Password Formats</a> for
more information.</p>
<p>For <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code>, use the utility <code class="program"><a href="/programs/htpasswd.html">htpasswd</a></code>
which is installed as part of the binary distribution, or which
In short:</p>
<p>Create a password file <code>Filename</code> with
<code>username</code> as the initial ID. It will prompt for
the password:</p>
<div class="example"><p><code>
htpasswd -c Filename username
</code></p></div>
<p>Add or modify <code>username2</code> in the password file
<code>Filename</code>:</p>
<div class="example"><p><code>
htpasswd Filename username2
</code></p></div>
<p>Note that searching large text files is <em>very</em>
inefficient; <code class="directive"><a href="/mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> should be used
instead.</p>
<p>For <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>, use <code class="program"><a href="/programs/htdigest.html">htdigest</a></code>
instead. Note that you cannot mix user data for Digest Authentication
and Basic Authentication within the same file.</p>
<div class="warning"><h3>Security</h3>
<p>Make sure that the <code class="directive">AuthUserFile</code> is
stored outside the document tree of the web-server. Do
<strong>not</strong> put it in the directory that it protects.
Otherwise, clients may be able to download the
<code class="directive">AuthUserFile</code>.</p>
</div>
</div>
</div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="/en/mod/mod_authn_file.html" title="English"> en </a> |
<a href="/fr/mod/mod_authn_file.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> |
<a href="/ja/mod/mod_authn_file.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="/ko/mod/mod_authn_file.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/trunk/mod/mod_authn_file.html';
(function(w, d) {
if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
d.write('<div id="comments_thread"><\/div>');
var s = d.createElement('script');
s.type = 'text/javascript';
s.async = true;
s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
(d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
}
else {
d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
}
})(window, document);
//--><!]]></script></div><div id="footer">
<p class="apache">Copyright 2015 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
}
//--><!]]></script>
</body></html>