diff options
author | Justin Erenkrantz <jerenkrantz@apache.org> | 2002-09-14 00:09:22 +0000 |
---|---|---|
committer | Justin Erenkrantz <jerenkrantz@apache.org> | 2002-09-14 00:09:22 +0000 |
commit | 15e970a0c79be5bc2e97bf99a1de0deb10498be1 (patch) | |
tree | 8dbe8fbf63d7c19109bdbc23559796184bc7be6d /docs/manual/mod/mod_authn_dbm.html.en | |
parent | 128ea1d05d8ce6e886e4635a3635e607a4aef618 (diff) | |
download | httpd-15e970a0c79be5bc2e97bf99a1de0deb10498be1.tar.gz |
Add documentation (rough, but something) for new aaa modules.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96799 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/mod/mod_authn_dbm.html.en')
-rw-r--r-- | docs/manual/mod/mod_authn_dbm.html.en | 124 |
1 files changed, 124 insertions, 0 deletions
diff --git a/docs/manual/mod/mod_authn_dbm.html.en b/docs/manual/mod/mod_authn_dbm.html.en new file mode 100644 index 0000000000..b547d825e1 --- /dev/null +++ b/docs/manual/mod/mod_authn_dbm.html.en @@ -0,0 +1,124 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --><title>mod_authn_dbm - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_dbm</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description: + </a></th><td>User authentication using DBM files</td></tr><tr><th><a href="module-dict.html#Status">Status: + </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier: + </a></th><td>authn_dbm_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File: + </a></th><td>mod_authn_dbm.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility: + </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3> + <p>This module provides authentication front-ends such as + <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> + to authenticate users by looking up users in plain text password files. + Similar functionality is provided by <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p> + + <p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or + <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the + <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or + <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> + with the 'dbm' value.</p> +</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdbmauthoritative">AuthDBMAuthoritative</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authdbmtype">AuthDBMType</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authdbmuserfile">AuthDBMUserFile</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li> + <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> +</li><li> + <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> +</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMAuthoritative" id="AuthDBMAuthoritative">AuthDBMAuthoritative</a> <a name="authdbmauthoritative" id="authdbmauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description: + </a></th><td>Sets whether authentication and authorization will be +passwed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax: + </a></th><td>AuthDBMAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default: + </a></th><td><code>AuthDBMAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context: + </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override: + </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status: + </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module: + </a></th><td>mod_authn_dbm</td></tr></table> + + <p>Setting the <code class="directive">AuthDBMAuthoritative</code> + directive explicitly to <strong>'off'</strong> allows for both + authentication and authorization to be passed on to lower level + modules (as defined in the <code>Configuration</code> and + <code>modules.c</code> file if there is <strong>no userID</strong> + or <strong>rule</strong> matching the supplied userID. If there is + a userID and/or rule specified; the usual password and access + checks will be applied and a failure will give an Authorization + Required reply.</p> + + <p>So if a userID appears in the database of more than one module; + or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code> + directive applies to more than one module; then the first module + will verify the credentials; and no access is passed on; + regardless of the <code class="directive">AuthAuthoritative</code> setting.</p> + + <p>A common use for this is in conjunction with one of the + auth providers; such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this + DBM module supplies the bulk of the user credential checking; a + few (administrator) related accesses fall through to a lower + level with a well protected .htpasswd file.</p> + + <p>By default, control is not passed on and an unknown userID + or rule will result in an Authorization Required reply. Not + setting it thus keeps the system secure and forces an NCSA + compliant behaviour.</p> + + <p>Security: Do consider the implications of allowing a user to + allow fall-through in his .htaccess file; and verify that this + is really what you want; Generally it is easier to just secure + a single .htpasswd file, than it is to secure a database which + might have more access interfaces.</p> +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMType" id="AuthDBMType">AuthDBMType</a> <a name="authdbmtype" id="authdbmtype">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description: + </a></th><td>Sets the type of database file that is used to +store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax: + </a></th><td>AuthDBMType default|SDBM|GDBM|NDBM|DB</td></tr><tr><th><a href="directive-dict.html#Default">Default: + </a></th><td><code>AuthDBMType default</code></td></tr><tr><th><a href="directive-dict.html#Context">Context: + </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override: + </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status: + </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module: + </a></th><td>mod_authn_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility: + </a></th><td>Available in version 2.0.30 and later.</td></tr></table> + +<p>Sets the type of database file that is used to store the passwords. +The default database type is determined at compile time. The +availability of other types of database files also depends on +<a href="../install.html#dbm">compile-time settings</a>.</p> + +<p>It is crucial that whatever program you use to create your password +files is configured to use the same type of database.</p> +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMUserFile" id="AuthDBMUserFile">AuthDBMUserFile</a> <a name="authdbmuserfile" id="authdbmuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description: + </a></th><td>Sets the name of a database file containing the list of users and +passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax: + </a></th><td>AuthDBMUserFile <em>file-path</em></td></tr><tr><th><a href="directive-dict.html#Context">Context: + </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override: + </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status: + </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module: + </a></th><td>mod_authn_dbm</td></tr></table> + <p>The <code class="directive">AuthDBMUserFile</code> directive sets the + name of a DBM file containing the list of users and passwords for + user authentication. <em>File-path</em> is the absolute path to + the user file.</p> + + <p>The user file is keyed on the username. The value for a user is + the <code>crypt()</code> encrypted password, optionally followed + by a colon and arbitrary data. The colon and the data following it + will be ignored by the server.</p> + + <p>Security: make sure that the + <code class="directive">AuthDBMUserFile</code> is stored outside the + document tree of the web-server; do <em>not</em> put it in the + directory that it protects. Otherwise, clients will be able to + download the <code class="directive">AuthDBMUserFile</code>.</p> + + <p>Important compatibility note: The implementation of + "dbmopen" in the apache modules reads the string length of the + hashed values from the DBM data structures, rather than relying + upon the string being NULL-appended. Some applications, such as + the Netscape web server, rely upon the string being + NULL-appended, so if you are having trouble using DBM files + interchangeably between applications this may be a part of the + problem.</p> + + <p>A perl script called + <a href="../programs/dbmmanage.html">dbmmanage</a> is included with + Apache. This program can be used to create and update DBM + format password files for use with this module.</p> +</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file |