<?xml version="1.0"?>

<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">

<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>

<modulesynopsis metafile="mod_authz_default.xml.meta">

<name>mod_authz_default</name>

<description>Authorization fallback module</description>

<status>Base</status>

<sourcefile>mod_authz_default.c</sourcefile>

<identifier>authz_default_module</identifier>

<compatibility>Available in Apache 2.1 and later</compatibility>

<summary>

<p>This module is designed to be the fallback module, if you don't

have configured an authorization module like

<module>mod_authz_user</module> or <module>mod_authz_groupfile</module>.

It simply rejects any authorization request.</p>

</summary>

<directivesynopsis>

<name>AuthzDefaultAuthoritative</name>

<description>Sets whether authorization is passed to lower level

modules</description>

<syntax>AuthzDefaultAuthoritative On|Off</syntax>

<default>AuthzDefaultAuthoritative On</default>

<contextlist><context>directory</context><context>.htaccess</context>

</contextlist>

<override>AuthConfig</override>

<usage>

<p>Setting the <directive>AuthzDefaultAuthoritative</directive> directive

explicitly to <code>Off</code> allows for authorization to be passed on

to lower level modules (as defined in the <code>modules.c</code>

files).</p>

<note><title>Note</title>

<p>Normally there are no lower level modules, since

<module>mod_authz_default</module> is defined to be already on

a <em>very low</em> level. Therefore you should leave the value of

<directive>AuthzDefaultAuthoritative</directive> as default

(<code>On</code>).</p>

</note>

</usage>

</directivesynopsis>

</modulesynopsis>