mod_authz_groupfile.xml revision 860b4efe27e7c1c9a2bf5c872b29c90f76849b51
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
f6096b958c8b58c4709860d7c4dcdde5deeacb7aEvan Hunt<!-- $LastChangedRevision$ -->
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt Licensed to the Apache Software Foundation (ASF) under one or more
f6b909274159da7aaad8463c90f15018136cf6cbTinderbox User contributor license agreements. See the NOTICE file distributed with
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt this work for additional information regarding copyright ownership.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews The ASF licenses this file to You under the Apache License, Version 2.0
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews (the "License"); you may not use this file except in compliance with
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews the License. You may obtain a copy of the License at
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Unless required by applicable law or agreed to in writing, software
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt distributed under the License is distributed on an "AS IS" BASIS,
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
544e2b48ece5724f2c4a0d6636048a72335cfd54Evan Hunt See the License for the specific language governing permissions and
544e2b48ece5724f2c4a0d6636048a72335cfd54Evan Hunt limitations under the License.
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt<modulesynopsis metafile="mod_authz_groupfile.xml.meta">
448884248519a8edade1b51aa7d20140b12764a9Evan Hunt<description>Group authorization using plaintext files</description>
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt<compatibility>Available in Apache 2.1 and later</compatibility>
90e0af6bc6c1bcafad126e1779fc478c0aeaeb8fEvan Hunt <p>This module provides authorization capabilities so that
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt authenticated users can be allowed or denied access to portions
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews of the web site by group membership. Similar functionality is
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt<seealso><directive module="mod_authz_core">Require</directive></seealso>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt<directivesynopsis>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt<description>Sets the name of a text file containing the list
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Huntof user groups for authorization</description>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt<syntax>AuthGroupFile <var>file-path</var></syntax>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt<contextlist><context>directory</context><context>.htaccess</context>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt</contextlist>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt <p>The <directive>AuthGroupFile</directive> directive sets the
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt name of a textual file containing the list of user groups for user
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt authorization. <var>File-path</var> is the path to the group
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt file. If it is not absolute, it is treated as relative to the <directive
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt <p>Each line of the group file contains a groupname followed by a
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt colon, followed by the member usernames separated by spaces.</p>
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt mygroup: bob joe anne
59f34c1fc775bf1817c49f5b4a121285f9608efcEvan Hunt <p>Note that searching large text files is <em>very</em>
448e23ed619dfa617df5666ad8df28ef2d9772bfCurtis Blackburn inefficient; <directive module="mod_authz_dbm"
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews >AuthDBMGroupFile</directive> provides a much better performance.</p>
544e2b48ece5724f2c4a0d6636048a72335cfd54Evan Hunt <p>Make sure that the <directive>AuthGroupFile</directive> is
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews stored outside the document tree of the web-server; do <em>not</em>
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews put it in the directory that it protects. Otherwise, clients may
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews be able to download the <directive>AuthGroupFile</directive>.</p>
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews</directivesynopsis>
d2647cd5fd919c2a3ccd983a0ef9e6cfca68824cMark Andrews</modulesynopsis>