mod_session_crypto.html.en revision 7fec19672a491661b2fe4b29f685bc7f4efa64d4
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 This file is generated from xml source: DO NOT EDIT
 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 -->
<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" />
<script src="/style/scripts/prettify.js" type="text/javascript"></script>
<link href="/images/favicon.ico" rel="shortcut icon" /></head>
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="/faq/">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
<div id="preamble"><h1>Apache Module mod_session_crypto</h1>
<p><span>Available Languages: </span><a href="/en/mod/mod_session_crypto.html" title="English"> en </a></p>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Session encryption support</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module&nbsp;Identifier:</a></th><td>session_crypto_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source&nbsp;File:</a></th><td>mod_session_crypto.c</td></tr>
<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3 and later</td></tr></table>
 <p>The session modules make use of HTTP cookies, and as such can fall
 victim to Cross Site Scripting attacks, or expose potentially private
 information to clients. Please ensure that the relevant risks have
 been taken into account before enabling the session functionality on
 your server.</p>
 <p>This submodule of <code class="module"><a href="/mod/mod_session.html">mod_session</a></code> provides support for the
 encryption of user sessions before being written to a local database, or
 written to a remote browser via an HTTP cookie.</p>
 <p>This can help provide privacy to user sessions where the contents of
 the session should be kept private from the user, or where protection is
 needed against the effects of cross site scripting attacks.</p>
 <p>For more details on the session interface, see the documentation for
 the <code class="module"><a href="/mod/mod_session.html">mod_session</a></code> module.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="/images/down.gif" /> <a href="#sessioncryptocipher">SessionCryptoCipher</a></li>
<li><img alt="" src="/images/down.gif" /> <a href="#sessioncryptodriver">SessionCryptoDriver</a></li>
<li><img alt="" src="/images/down.gif" /> <a href="#sessioncryptopassphrase">SessionCryptoPassphrase</a></li>
<li><img alt="" src="/images/down.gif" /> <a href="#sessioncryptopassphrasefile">SessionCryptoPassphraseFile</a></li>
</ul>
<ul id="topics">
<li><img alt="" src="/images/down.gif" /> <a href="#basicusage">Basic Usage</a></li>
</ul>
<ul class="seealso">
<li><code class="module"><a href="/mod/mod_session.html">mod_session</a></code></li>
<li><code class="module"><a href="/mod/mod_session_cookie.html">mod_session_cookie</a></code></li>
<li><code class="module"><a href="/mod/mod_session_dbd.html">mod_session_dbd</a></code></li>
</ul></div>
<h2><a name="basicusage" id="basicusage">Basic Usage</a></h2>
 <p>To create a simple encrypted session and store it in a cookie called
 <var>session</var>, configure the session as follows:</p>
 <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">
Session On
SessionCookieName session path=/
SessionCryptoPassphrase secret
</pre></div>
 <p>The session will be encrypted with the given key. Different servers can
 be configured to share sessions by ensuring the same encryption key is used
 on each server.</p>
 <p>If the encryption key is changed, sessions will be invalidated
 automatically.</p>
 <p>For documentation on how the session can be used to store username
 and password details, see the <code class="module"><a href="/mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
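 <p>A hardened counterpart to the Basic Usage configuration, added here as an example and not taken from the Apache documentation: the key is read from a file instead of sitting inline in the configuration, and the cookie is marked HttpOnly and Secure. The file path, the 1800-second lifetime and the OLD_KEY/NEW_KEY placeholders are assumptions.</p>

```apache
# Weak: the Basic Usage settings. The key is a guessable word stored inline
# in the configuration, and the cookie carries no HttpOnly or Secure attribute.
#   SessionCookieName session path=/
#   SessionCryptoPassphrase secret

# Hardened variant (constructed example).
Session On

# Sessions expire 1800 seconds after they were last saved (assumed value).
SessionMaxAge 1800

# HttpOnly keeps the cookie away from page scripts, which limits what a
# cross-site scripting flaw can read; Secure restricts the cookie to HTTPS.
SessionCookieName session path=/;HttpOnly;Secure

# State the cipher explicitly so every server sharing sessions agrees on it.
SessionCryptoCipher aes256

# One key per line, read at server start. Hypothetical path; keep the file
# readable only by the account that starts httpd and out of version control.
SessionCryptoPassphraseFile /etc/httpd/conf/session-keys.txt

# Key rotation with the multi-secret form of SessionCryptoPassphrase
# (placeholder values). The first key encrypts; every listed key is tried
# for decryption, so servers not yet updated and servers already updated
# can read each other's sessions during the rollout:
#   Step 1, on all servers:       SessionCryptoPassphrase OLD_KEY NEW_KEY
#   Step 2, once step 1 is live:  SessionCryptoPassphrase NEW_KEY
# After step 2, sessions still encrypted under OLD_KEY are invalidated.
```

 <p>Changes to the key file take effect only after a graceful restart of httpd.</p>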
47feede6777f217fb2e2dff71635da04898e0077nd<div class="directive-section"><h2><a name="SessionCryptoCipher" id="SessionCryptoCipher">SessionCryptoCipher</a> <a name="sessioncryptocipher" id="sessioncryptocipher">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The crypto cipher to be used to encrypt the session</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionCryptoCipher <var>name</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.0 and later</td></tr>
</table>
<div class="directive-section"><h2><a name="SessionCryptoDriver" id="SessionCryptoDriver">SessionCryptoDriver</a> <a name="sessioncryptodriver" id="sessioncryptodriver">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The crypto driver to be used to encrypt the session</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></code></td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.0 and later</td></tr>
</table>
<div class="example"><h3>NSS without a certificate database</h3><pre class="prettyprint lang-config">
<div class="example"><h3>NSS with certificate database and parameters</h3><pre class="prettyprint lang-config">
part of the server, for example from <code class="module"><a href="/mod/mod_nss.html">mod_nss</a></code> or
<code class="module"><a href="/mod/mod_ldap.html">mod_ldap</a></code>. If found to have already been configured,
<div class="directive-section"><h2><a name="SessionCryptoPassphrase" id="SessionCryptoPassphrase">SessionCryptoPassphrase</a> <a name="sessioncryptopassphrase" id="sessioncryptopassphrase">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The key used to encrypt the session</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.0 and later</td></tr>
</table>
<div class="directive-section"><h2><a name="SessionCryptoPassphraseFile" id="SessionCryptoPassphraseFile">SessionCryptoPassphraseFile</a> <a name="sessioncryptopassphrasefile" id="sessioncryptopassphrasefile">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>File containing keys used to encrypt the session</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionCryptoPassphraseFile <var>filename</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.0 and later</td></tr>
</table>
<p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>