1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<?xml version="1.0" encoding="ISO-8859-1"?>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<title>mod_authz_dbm - Apache HTTP Server</title>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" />

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<script src="/style/scripts/prettify.min.js" type="text/javascript">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke</script>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<link href="/images/favicon.ico" rel="shortcut icon" /></head>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<body>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div id="page-header">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<p class="apache">Apache HTTP Server Version 2.5</p>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<img alt="" src="/images/feather.gif" /></div>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="/images/left.gif" /></a></div>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div id="path">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.5</a> &gt; <a href="./">Modules</a></div>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div id="page-content">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div id="preamble"><h1>Apache Module mod_authz_dbm</h1>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div class="toplang">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<p><span>Available Languages: </span><a href="/en/mod/mod_authz_dbm.html" title="English">&nbsp;en&nbsp;</a> |

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<a href="/fr/mod/mod_authz_dbm.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<a href="/ko/mod/mod_authz_dbm.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke</div>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Group authorization using DBM files</td></tr>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>authz_dbm_module</td></tr>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_authz_dbm.c</td></tr></table>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<h3>Summary</h3>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke <p>This module provides authorization capabilities so that

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke authenticated users can be allowed or denied access to portions

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke of the web site by group membership. Similar functionality is

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke provided by <code class="module"><a href="/mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.</p>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke</div>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<div id="quickview"><h3 class="directives">Directives</h3>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<ul id="toc">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<li><img alt="" src="/images/down.gif" /> <a href="#authdbmgroupfile">AuthDBMGroupFile</a></li>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<li><img alt="" src="/images/down.gif" /> <a href="#authzdbmtype">AuthzDBMType</a></li>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke</ul>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<h3>Topics</h3>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<ul id="topics">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<li><img alt="" src="/images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<li><img alt="" src="/images/down.gif" /> <a href="#examples">Example usage</a></li>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke</ul><h3>See also</h3>

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<ul class="seealso">

1b5b696aa3bc2a6747a4eeac777f850788482c98Dominik Luecke<li><code class="directive"><a href="/mod/mod_authz_core.html#require">Require</a></code></li>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<div class="section">

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke <p>Apache's <code class="directive"><a href="/mod/mod_authz_core.html#require">Require</a></code>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke directives are used during the authorization phase to ensure that

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke a user is allowed to access a resource. mod_authz_dbm extends the

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke authorization types with <code>dbm-group</code>.</p>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke <p>Since v2.5.0, <a href="/expr.html">expressions</a> are supported

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke within the DBM require directives.</p>

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke

bdc3d22af3cfaeac7e9776a12371fe1d534ebcaeDominik Luecke<h3><a name="reqgroup" id="reqgroup">Require dbm-group</a></h3>

<p>This directive specifies group membership that is required for the

user to gain access.</p>

<pre class="prettyprint lang-config">Require dbm-group admin</pre>

<h3><a name="reqfilegroup" id="reqfilegroup">Require dbm-file-group</a></h3>

<p>When this directive is specified, the user must be a member of the group

assigned to the file being accessed.</p>

<pre class="prettyprint lang-config">Require dbm-file-group</pre>

</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>

<div class="section">

<h2><a name="examples" id="examples">Example usage</a></h2>

<p><em>Note that using mod_authz_dbm requires you to require <code>dbm-group</code>

instead of <code>group</code>:</em>

</p>

<pre class="prettyprint lang-config">&lt;Directory "/foo/bar"&gt;

AuthType Basic

AuthName "Secure Area"

AuthBasicProvider dbm

AuthDBMUserFile site/data/users

AuthDBMGroupFile site/data/users

Require dbm-group admin

&lt;/Directory&gt;</pre>

</div>

<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>

<div class="directive-section"><h2><a name="AuthDBMGroupFile" id="AuthDBMGroupFile">AuthDBMGroupFile</a> <a name="authdbmgroupfile" id="authdbmgroupfile">Directive</a></h2>

<table class="directive">

<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of the database file containing the list

of user groups for authorization</td></tr>

<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBMGroupFile <var>file-path</var></code></td></tr>

<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>

<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>

<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>

<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbm</td></tr>

</table>

<p>The <code class="directive">AuthDBMGroupFile</code> directive sets the

name of a DBM file containing the list of user groups for user

authorization. <var>File-path</var> is the absolute path to the

group file.</p>

<p>The group file is keyed on the username. The value for a

user is a comma-separated list of the groups to which the users

belongs. There must be no whitespace within the value, and it

must never contain any colons.</p>

<div class="warning"><h3>Security</h3>

<p>Make sure that the <code class="directive">AuthDBMGroupFile</code> is

stored outside the document tree of the web-server. Do

<strong>not</strong> put it in the directory that it protects.

Otherwise, clients will be able to download the

<code class="directive">AuthDBMGroupFile</code> unless otherwise

protected.</p>

</div>

<p>Combining Group and Password DBM files: In some cases it is

easier to manage a single database which contains both the

password and group details for each user. This simplifies any

support programs that need to be written: they now only have to

deal with writing to and locking a single DBM file. This can be

accomplished by first setting the group and password files to

point to the same DBM:</p>

<pre class="prettyprint lang-config">AuthDBMGroupFile /www/userbase

AuthDBMUserFile /www/userbase</pre>

<p>The key for the single DBM is the username. The value consists

of</p>

<div class="example"><p><code>

Encrypted Password : List of Groups [ : (ignored) ]

</code></p></div>

<p>The password section contains the encrypted

password as before. This is followed by a colon and the comma

separated list of groups. Other data may optionally be left in the

DBM file after another colon; it is ignored by the authorization

module. This is what www.telescope.org uses for its combined

password and group database.</p>

</div>

<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>

<div class="directive-section"><h2><a name="AuthzDBMType" id="AuthzDBMType">AuthzDBMType</a> <a name="authzdbmtype" id="authzdbmtype">Directive</a></h2>

<table class="directive">

<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the type of database file that is used to

store list of user groups</td></tr>

<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBMType default|SDBM|GDBM|NDBM|DB</code></td></tr>

<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthzDBMType default</code></td></tr>

<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>

<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>

<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>

<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbm</td></tr>

</table>

<p>Sets the type of database file that is used to store the list

of user groups.

The default database type is determined at compile time. The

availability of other types of database files also depends on

<a href="/install.html#dbm">compile-time settings</a>.</p>

<p>It is crucial that whatever program you use to create your group

files is configured to use the same type of database.</p>

</div>

</div>

<div class="bottomlang">

<p><span>Available Languages: </span><a href="/en/mod/mod_authz_dbm.html" title="English">&nbsp;en&nbsp;</a> |

<a href="/fr/mod/mod_authz_dbm.html" hreflang="fr" rel="alternate" title="Fran�ais">&nbsp;fr&nbsp;</a> |

<a href="/ko/mod/mod_authz_dbm.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>

</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>

<script type="text/javascript"><!--//--><![CDATA[//><!--

//--><!]]></script></div><div id="footer">

<p class="apache">Copyright 2014 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>

<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--

//--><!]]></script>

</body></html>