summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/manual/mod/directives.html.en8
-rw-r--r--docs/manual/mod/index.html.en3
-rw-r--r--docs/manual/mod/mod_auth_basic.html.en52
-rw-r--r--docs/manual/mod/mod_auth_digest.html.en131
-rw-r--r--docs/manual/mod/mod_authn_anon.html.en131
-rw-r--r--docs/manual/mod/mod_authn_dbm.html.en31
-rw-r--r--docs/manual/mod/mod_authn_default.html.en39
-rw-r--r--docs/manual/mod/mod_authn_file.html.en61
-rw-r--r--docs/manual/mod/mod_authz_dbm.html.en96
-rw-r--r--docs/manual/mod/mod_authz_default.html.en39
-rw-r--r--docs/manual/mod/mod_authz_groupfile.html.en80
-rw-r--r--docs/manual/mod/mod_authz_host.html.en121
-rw-r--r--docs/manual/mod/mod_authz_user.html.en39
-rw-r--r--docs/manual/mod/quickreference.html.en65
-rw-r--r--docs/manual/sitemap.html.en3
15 files changed, 527 insertions, 372 deletions
diff --git a/docs/manual/mod/directives.html.en b/docs/manual/mod/directives.html.en
index 04e389f163..28fdf53603 100644
--- a/docs/manual/mod/directives.html.en
+++ b/docs/manual/mod/directives.html.en
@@ -45,7 +45,6 @@
<li><a href="mod_proxy.html#allowconnect">AllowCONNECT</a></li>
<li><a href="core.html#allowoverride">AllowOverride</a></li>
<li><a href="mod_authn_anon.html#anonymous">Anonymous</a></li>
-<li><a href="mod_authn_anon.html#anonymous_authoritative">Anonymous_Authoritative</a></li>
<li><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail</a></li>
<li><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li>
<li><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID</a></li>
@@ -56,14 +55,15 @@
<li><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></li>
<li><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType</a></li>
<li><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></li>
+<li><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
<li><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain</a></li>
-<li><a href="mod_auth_digest.html#authdigestfile">AuthDigestFile</a></li>
-<li><a href="mod_auth_digest.html#authdigestgroupfile">AuthDigestGroupFile</a></li>
<li><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
+<li><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></li>
<li><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop</a></li>
+<li><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize</a></li>
<li><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></li>
<li><a href="mod_auth_ldap.html#authldapauthoritative">AuthLDAPAuthoritative</a></li>
<li><a href="mod_auth_ldap.html#authldapbinddn">AuthLDAPBindDN</a></li>
@@ -82,7 +82,9 @@
<li><a href="mod_authn_file.html#authuserfile">AuthUserFile</a></li>
<li><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative</a></li>
<li><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType</a></li>
+<li><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
<li><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative</a></li>
+<li><a href="mod_authz_user.html#authzuserauthoritative">AuthzUserAuthoritative</a></li>
<li><a href="mod_setenvif.html#browsermatch" id="B" name="B">BrowserMatch</a></li>
<li><a href="mod_setenvif.html#browsermatchnocase">BrowserMatchNoCase</a></li>
<li><a href="mod_cache.html#cachedefaultexpire" id="C" name="C">CacheDefaultExpire</a></li>
diff --git a/docs/manual/mod/index.html.en b/docs/manual/mod/index.html.en
index bc4d923d66..044c866b3d 100644
--- a/docs/manual/mod/index.html.en
+++ b/docs/manual/mod/index.html.en
@@ -39,11 +39,14 @@ for HTTP Basic authentication.</dd>
<dt><a href="mod_authn_anon.html">mod_authn_anon</a></dt><dd>Allows "anonymous" user access to authenticated
areas</dd>
<dt><a href="mod_authn_dbm.html">mod_authn_dbm</a></dt><dd>User authentication using DBM files</dd>
+<dt><a href="mod_authn_default.html">mod_authn_default</a></dt><dd>Authentication fallback module</dd>
<dt><a href="mod_authn_file.html">mod_authn_file</a></dt><dd>User authentication using text files</dd>
<dt><a href="mod_authz_dbm.html">mod_authz_dbm</a></dt><dd>Group authorization using DBM files</dd>
+<dt><a href="mod_authz_default.html">mod_authz_default</a></dt><dd>Authorization fallback module</dd>
<dt><a href="mod_authz_groupfile.html">mod_authz_groupfile</a></dt><dd>Group authorization using plaintext files</dd>
<dt><a href="mod_authz_host.html">mod_authz_host</a></dt><dd>Group authorizations based on host (name or IP
address)</dd>
+<dt><a href="mod_authz_user.html">mod_authz_user</a></dt><dd>User Authorization</dd>
<dt><a href="mod_autoindex.html">mod_autoindex</a></dt><dd>Generates directory indexes,
automatically, similar to the Unix <code>ls</code> command or the
Win32 <code>dir</code> shell command</dd>
diff --git a/docs/manual/mod/mod_auth_basic.html.en b/docs/manual/mod/mod_auth_basic.html.en
index f8b9aca002..efb424b8c8 100644
--- a/docs/manual/mod/mod_auth_basic.html.en
+++ b/docs/manual/mod/mod_auth_basic.html.en
@@ -10,30 +10,27 @@
</a></th><td>auth_basic_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
</a></th><td>mod_auth_basic.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
-
<p>This module allows the use of HTTP Basic Authentication to
restrict access by looking up users in the given providers.
HTTP Digest Authentication is provided by
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>.</p>
-
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authbasicauthoritative">AuthBasicAuthoritative</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authbasicprovider">AuthBasicProvider</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Sets whether authorization and authentication are
-passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthBasicAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>AuthBasicAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>Sets whether authorization and authentication are passed to
+lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthBasicAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthBasicAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_basic</td></tr></table>
<p>Setting the <code class="directive">AuthBasicAuthoritative</code> directive
- explicitly to <strong>'off'</strong> allows for both
+ explicitly to <code>Off</code> allows for both
authentication and authorization to be passed on to lower level
- modules (as defined in the <code>Configuration</code> and
- <code>modules.c</code> files) if there is <strong>no
- userID</strong> or <strong>rule</strong> matching the supplied
- userID. If there is a userID and/or rule specified; the usual
+ modules (as defined in the <code>modules.c</code> files) if there is
+ <strong>no userID</strong> or <strong>rule</strong> matching the
+ supplied userID. If there is a userID and/or rule specified, the usual
password and access checks will be applied and a failure will give
an Authorization Required reply.</p>
@@ -43,22 +40,39 @@ passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Synt
will verify the credentials; and no access is passed on;
regardless of the AuthAuthoritative setting.</p>
- <p>By default; control is not passed on; and an unknown userID or
+ <p>By default control is not passed on and an unknown userID or
rule will result in an Authorization Required reply. Not setting
- it thus keeps the system secure; and forces an NCSA compliant
+ it thus keeps the system secure and forces an NCSA compliant
behaviour.</p>
-
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicProvider" id="AuthBasicProvider">AuthBasicProvider</a> <a name="authbasicprovider" id="authbasicprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthBasicProvider <em>provider-name</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
- </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
- </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td><code>AuthBasicProvider On|Off|<var>provider-name</var>
+[<var>provider-name</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthBasicProvider On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_basic</td></tr></table>
<p>The <code class="directive">AuthBasicProvider</code> directive sets
- which provider is used to authenticate the users for this location.</p>
+ which provider is used to authenticate the users for this location.
+ Setting the value to <code>On</code> will choose the default provider
+ (<code>file</code>). Since the <code>file</code> provider is implemented
+ by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
+ that the module is present in the server.</p>
+
+ <div class="example"><h3>Example</h3><p><code>
+ &lt;Location /secure&gt;<br />
+ <span class="indent">
+ AuthBasicProvider dbm<br />
+ AuthDBMType SDBM<br />
+ AuthDBMUserFile /www/etc/dbmpasswd<br />
+ Require valid-user<br />
+ </span>
+ &lt;/Location&gt;
+ </code></p></div>
- <p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
+ <p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
for providers.</p>
+ <p>The value <code>Off</code> clears the provider list and sets it back
+ to the default.</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_auth_digest.html.en b/docs/manual/mod/mod_auth_digest.html.en
index 1609ebafc5..e152db9203 100644
--- a/docs/manual/mod/mod_auth_digest.html.en
+++ b/docs/manual/mod/mod_auth_digest.html.en
@@ -10,34 +10,39 @@
</a></th><td>Experimental</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
</a></th><td>auth_digest_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
</a></th><td>mod_auth_digest.c</td></tr></table><h3>Summary</h3>
- <p>This module implements HTTP Digest Authentication. However, it
+ <p>This module implements HTTP Digest Authentication. However, it
has not been extensively tested and is therefore marked
experimental.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestdomain">AuthDigestDomain</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authdigestfile">AuthDigestFile</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authdigestgroupfile">AuthDigestGroupFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnonceformat">AuthDigestNonceFormat</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestnoncelifetime">AuthDigestNonceLifetime</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authdigestprovider">AuthDigestProvider</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdigestqop">AuthDigestQop</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authdigestshmemsize">AuthDigestShmemSize</a></li>
</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="using" id="using">Using Digest Authentication</a></h2>
<p>Using MD5 Digest authentication is very simple. Simply set
- up authentication normally, using "AuthType Digest" and
- "AuthDigestFile" instead of the normal "AuthType Basic" and
- "AuthUserFile"; also, replace any "AuthGroupFile" with
- "AuthDigestGroupFile". Then add a "AuthDigestDomain" directive
- containing at least the root URI(s) for this protection space.
- Example:</p>
+ up authentication normally, using <code>AuthType Digest</code> and
+ <code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>
+ instead of the normal <code>AuthType Basic</code> and
+ <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>.
+ Then add a <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
+ URI(s) for this protection space.</p>
- <div class="example"><p><code>
+ <p>Appropriate user (text) files can be created using the
+ <a href="../programs/htdigest.html">htdigest</a> tool.</p>
+
+ <div class="example"><h3>Example:</h3><p><code>
&lt;Location /private/&gt;<br />
<span class="indent">
AuthType Digest<br />
AuthName "private area"<br />
AuthDigestDomain /private/ http://mirror.my.dom/private2/<br />
- AuthDigestFile /web/auth/.digest_pw<br />
+ <br />
+ AuthDigestProvider file<br />
+ AuthUserFile /web/auth/.digest_pw<br />
Require valid-user<br />
</span>
&lt;/Location&gt;
@@ -46,11 +51,11 @@
<div class="note"><h3>Note</h3>
<p>Digest authentication provides a more secure password system
than Basic authentication, but only works with supporting
- browsers. As of July 2002, the major browsers that support digest
+ browsers. As of November 2002, the major browsers that support digest
authentication are <a href="http://www.opera.com/">Opera</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet
- Explorer</a> (fails when used with a query string), <a href="http://www.w3.org/Amaya/">Amaya</a> and <a href="http://www.mozilla.org">Mozilla</a>. Since digest
+ Explorer</a> (fails when used with a query string), <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://www.mozilla.org">Mozilla</a> and <a href="http://channels.netscape.com/ns/browsers/download.jsp">Netscape</a> since version 7. Since digest
authentication is not as widely implemented as basic
- authentication, you should use it only in controlled settings.</p>
+ authentication, you should use it only in controlled environments.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Selects the algorithm used to calculate the challenge and
@@ -97,48 +102,6 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
which case clients (which understand this) will then share
username/password info across multiple servers without
prompting the user each time. </p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestFile" id="AuthDigestFile">AuthDigestFile</a> <a name="authdigestfile" id="authdigestfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Location of the text file containing the list
-of users and encoded passwords for digest authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthDigestFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
- </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
- </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
- </a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
- </a></th><td>mod_auth_digest</td></tr></table>
- <p>The <code class="directive">AuthDigestFile</code> directive sets the
- name of a textual file containing the list of users and encoded
- passwords for digest authentication. <var>File-path</var> is the
- absolute path to the user file.</p>
-
- <p>The digest file uses a special format. Files in this format
- can be created using the <a href="../programs/htdigest.html">htdigest</a> utility found in
- the support/ subdirectory of the Apache distribution.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestGroupFile" id="AuthDigestGroupFile">AuthDigestGroupFile</a> <a name="authdigestgroupfile" id="authdigestgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Name of the text file containing the list of groups
-for digest authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthDigestGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
- </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
- </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
- </a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
- </a></th><td>mod_auth_digest</td></tr></table>
- <p>The <code class="directive">AuthDigestGroupFile</code> directive sets
- the name of a textual file containing the list of groups and their
- members (user names). <var>File-path</var> is the absolute path to
- the group file.</p>
-
- <p>Each line of the group file contains a groupname followed by
- a colon, followed by the member usernames separated by spaces.
- Example:</p>
-
- <div class="example"><p><code>mygroup: bob joe anne</code></p></div>
-
- <p>Note that searching large text files is <em>very</em>
- inefficient.</p>
-
- <p>Security: make sure that the AuthGroupFile is stored outside
- the document tree of the web-server; do <em>not</em> put it in
- the directory that it protects. Otherwise, clients will be able
- to download the AuthGroupFile.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestNcCheck" id="AuthDigestNcCheck">AuthDigestNcCheck</a> <a name="authdigestnccheck" id="authdigestnccheck">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Enables or disables checking of the nonce-count sent by the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@@ -158,8 +121,8 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
- <p><strong>Not implemented yet.</strong>
- </p>
+ <div class="note">Not implemented yet.</div>
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestNonceLifetime" id="AuthDigestNonceLifetime">AuthDigestNonceLifetime</a> <a name="authdigestnoncelifetime" id="authdigestnoncelifetime">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>How long the server nonce is valid</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td><code>AuthDigestNonceLifetime <var>seconds</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
@@ -177,6 +140,26 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
seconds. If <var>seconds</var> is less than 0 then the nonce never
expires.
</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestProvider" id="AuthDigestProvider">AuthDigestProvider</a> <a name="authdigestprovider" id="authdigestprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthDigestProvider On|Off|<var>provider-name</var>
+[<var>provider-name</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthBasicProvider On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_auth_digest</td></tr></table>
+ <p>The <code class="directive">AuthDigestProvider</code> directive sets
+ which provider is used to authenticate the users for this location.
+ Setting the value to <code>On</code> will choose the default provider
+ (<code>file</code>). Since the <code>file</code> provider is implemented
+ by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
+ that the module is present in the server.</p>
+
+ <p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
+ for providers.</p>
+
+ <p>The value <code>Off</code> clears the provider list and sets it back
+ to the default.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestQop" id="AuthDigestQop">AuthDigestQop</a> <a name="authdigestqop" id="authdigestqop">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Determines the quality-of-protection to use in digest
authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@@ -187,8 +170,8 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_auth_digest</td></tr></table>
<p>The <code class="directive">AuthDigestQop</code> directive determines
- the quality-of-protection to use. <code>auth</code> will only do
- authentication (username/password); <code>auth-int</code> is
+ the <dfn>quality-of-protection</dfn> to use. <code>auth</code> will
+ only do authentication (username/password); <code>auth-int</code> is
authentication plus integrity checking (an MD5 hash of the entity
is also computed and checked); <code>none</code> will cause the module
to use the old RFC-2069 digest algorithm (which does not include
@@ -200,4 +183,32 @@ authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<div class="note">
<code>auth-int</code> is not implemented yet.
</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDigestShmemSize" id="AuthDigestShmemSize">AuthDigestShmemSize</a> <a name="authdigestshmemsize" id="authdigestshmemsize">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>The amount of shared memory to allocate for keeping track
+of clients</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthDigestShmemSize <var>size</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthDigestShmemSize 1000</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>server config</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Experimental</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_auth_digest</td></tr></table>
+ <p>The <code class="directive">AuthDigestShmemSize</code> directive defines
+ the amount of shared memory, that will be allocated at the server
+ startup for keeping track of clients. Note that the shared memory
+ segment cannot be set less than the space that is neccessary for
+ tracking at least <em>one</em> client. This value is dependant on your
+ system. If you want to find out the exact value, you may simply
+ set <code class="directive">AuthDigestShmemSize</code> to the value of
+ <code>0</code> and read the error message after trying to start the
+ server.</p>
+
+ <p>The <var>size</var> is normally expressed in Bytes, but you
+ may let the number follow a <code>K</code> or an <code>M</code> to
+ express your value as KBytes or MBytes. For example, the following
+ directives are all equivalent:</p>
+
+ <div class="example"><p><code>
+ AuthDigestShmemSize 1048576<br />
+ AuthDigestShmemSize 1024K<br />
+ AuthDigestShmemSize 1M<br />
+ </code></p></div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_anon.html.en b/docs/manual/mod/mod_authn_anon.html.en
index 7eda7b88ba..f9bbacedad 100644
--- a/docs/manual/mod/mod_authn_anon.html.en
+++ b/docs/manual/mod/mod_authn_anon.html.en
@@ -11,8 +11,9 @@
</a></th><td>authn_anon_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
</a></th><td>mod_authn_anon.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
- <p>This module does access control in a manner similar to
- anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id
+ <p>This module provides authentication front-ends such as
+ <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> to authenticate users similar
+ to anonymous-ftp sites, <em>i.e.</em> have a 'magic' user id
'anonymous' and the email address as a password. These email
addresses can be logged.</p>
@@ -23,29 +24,30 @@
tracking is that, unlike magic-cookies and funny URL
pre/postfixes, it is completely browser independent and it
allows users to share URLs.</p>
+
+ <p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>, this module is invoked
+ via the <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
+ directive with the <code>anon</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_authoritative">Anonymous_Authoritative</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_logemail">Anonymous_LogEmail</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_nouserid">Anonymous_NoUserID</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li>
-</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> Example</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2>Example</h2>
-
- <p>The example below (when combined with the Auth directives of a
- htpasswd-file based (or GDM, mSQL <em>etc.</em>) base access
- control system allows users in as 'guests' with the following
- properties:</p>
+</ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2><a name="example" id="example">Example</a></h2>
+ <p>The example below is combined with "normal" htpasswd-file based
+ authentication and allows users in additionally as 'guests' with the
+ following properties:</p>
<ul>
<li>It insists that the user enters a userId.
- (<code>Anonymous_NoUserId</code>)</li>
+ (<code class="directive"><a href="#anonymous_nouserid">Anonymous_NoUserId</a></code>)</li>
<li>It insists that the user enters a password.
- (<code>Anonymous_MustGiveEmail</code>)</li>
+ (<code class="directive"><a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></code>)</li>
- <li>The password entered must be a valid email address, ie.
+ <li>The password entered must be a valid email address, <em>i.e.</em>
contain at least one '@' and a '.'.
- (<code>Anonymous_VerifyEmail</code>)</li>
+ (<code class="directive"><a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></code>)</li>
<li>The userID must be one of <code>anonymous guest www test
welcome</code> and comparison is <strong>not</strong> case
@@ -53,38 +55,34 @@
<li>And the Email addresses entered in the passwd field are
logged to the error log file
- (<code>Anonymous_LogEmail</code>)</li>
+ (<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
</ul>
- <p>Excerpt of httpd.conf:</p>
-
-<div class="example"><p><code>
- Anonymous_NoUserId off<br />
- Anonymous_MustGiveEmail on<br />
- Anonymous_VerifyEmail on<br />
- Anonymous_LogEmail on<br />
- Anonymous anonymous guest www test welcome<br />
-<br />
- AuthName "Use 'anonymous' &amp; Email address for
- guest entry"<br />
- AuthType basic<br />
-<br />
- # An
- AuthUserFile/AuthDBMUserFile<br />
- # directive must be specified, or use<br />
- # Anonymous_Authoritative for public access.<br />
- # In the .htaccess for the public directory, add:<br />
- &lt;Files *&gt;<br />
- Order Deny,Allow<br />
- Allow from all<br />
-<br />
- Require valid-user<br />
- &lt;/Files&gt;<br />
-</code></p></div>
+ <div class="example"><h3>Example</h3><p><code>
+ &lt;Directory /foo&gt;
+ <span class="indent">
+ AuthName "Use 'anonymous' &amp; Email address for guest entry"<br />
+ AuthType Basic<br />
+ AuthBasicProvider file anon<br />
+ AuthUserFile /path/to/your/.htpasswd<br />
+ <br />
+ Anonymous_NoUserId off<br />
+ Anonymous_MustGiveEmail on<br />
+ Anonymous_VerifyEmail on<br />
+ Anonymous_LogEmail on<br />
+ Anonymous anonymous guest www test welcome<br />
+ <br />
+ Order Deny,Allow<br />
+ Allow from all<br />
+ <br />
+ Require valid-user<br />
+ </span>
+ &lt;/Directory&gt;
+ </code></p></div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous" id="Anonymous">Anonymous</a> <a name="anonymous" id="anonymous">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Specifies userIDs that areallowed access without
password verification</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous <em>user</em> [<em>user</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>Anonymous <var>user</var> [<var>user</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@@ -96,50 +94,33 @@ password verification</td></tr><tr><th><a href="directive-dict.html#Syntax">Synt
<p>Please note that the comparison is
<strong>case-IN-sensitive</strong>.<br />
- I strongly suggest that the magic username
+ It's strongly recommended that the magic username
'<code>anonymous</code>' is always one of the allowed
userIDs.</p>
- <p>Example:</p>
-<div class="example"><p><code>Anonymous anonymous "Not Registered" 'I don\'t know'</code></p></div>
+ <div class="example"><h3>Example:</h3><p><code>
+ Anonymous anonymous "Not Registered" "I don't know"
+ </code></p></div>
<p>This would allow the user to enter without password
- verification by using the userId's 'anonymous',
- 'AnonyMous','Not Registered' and 'I Don't Know'.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_Authoritative" id="Anonymous_Authoritative">Anonymous_Authoritative</a> <a name="anonymous_authoritative" id="anonymous_authoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Configures if authorization will fall-through
-to other methods</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous_Authoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>Anonymous_Authoritative off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
- </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
- </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
- </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
- </a></th><td>mod_authn_anon</td></tr></table>
- <p>When set 'on', there is no fall-through to other authorization
- methods. So if a userID does not match the values specified in the
- <code class="directive"><a href="#anonymous">Anonymous</a></code> directive,
- access is denied.</p>
-
- <p>Be sure you know what you are doing when you decide to
- switch it on. And remember that it is the linking order of the
- modules (in the Configuration / Make file) which details the
- order in which the Authorization modules are queried.</p>
+ verification by using the userIDs "anonymous",
+ "AnonyMous", "Not Registered" and "I Don't Know".</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_LogEmail" id="Anonymous_LogEmail">Anonymous_LogEmail</a> <a name="anonymous_logemail" id="anonymous_logemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether the password entered will be logged in the
error log</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous_LogEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>Anonymous_LogEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>Anonymous_LogEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>Anonymous_LogEmail On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
- <p>When set <code>on</code>, the default, the 'password' entered
+ <p>When set <code>On</code>, the default, the 'password' entered
(which hopefully contains a sensible email address) is logged in
the error log.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_MustGiveEmail" id="Anonymous_MustGiveEmail">Anonymous_MustGiveEmail</a> <a name="anonymous_mustgiveemail" id="anonymous_mustgiveemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Specifies whether blank passwords are allowed</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous_MustGiveEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>Anonymous_MustGiveEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>Anonymous_MustGiveEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>Anonymous_MustGiveEmail On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@@ -148,26 +129,26 @@ error log</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
the password. This prohibits blank passwords.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_NoUserID" id="Anonymous_NoUserID">Anonymous_NoUserID</a> <a name="anonymous_nouserid" id="anonymous_nouserid">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether the userID field may be empty</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous_NoUserID on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>Anonymous_NoUserID off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>Anonymous_NoUserID On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>Anonymous_NoUserID Off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
- <p>When set <code>on</code>, users can leave the userID (and
+ <p>When set <code>On</code>, users can leave the userID (and
perhaps the password field) empty. This can be very convenient for
MS-Explorer users who can just hit return or click directly on the
OK button; which seems a natural reaction.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_VerifyEmail" id="Anonymous_VerifyEmail">Anonymous_VerifyEmail</a> <a name="anonymous_verifyemail" id="anonymous_verifyemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets whether to check the password field for a correctly
formatted email address</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>Anonymous_VerifyEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>Anonymous_VerifyEmail off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>Anonymous_VerifyEmail On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>Anonymous_VerifyEmail Off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_anon</td></tr></table>
- <p>When set <code>on</code> the 'password' entered is checked for
+ <p>When set <code>On</code> the 'password' entered is checked for
at least one '@' and a '.' to encourage users to enter valid email
- addresses (see the above <code class="directive"><a href="#auth_logemail">Auth_LogEmail</a></code>).</p>
+ addresses (see the above <code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>).</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_dbm.html.en b/docs/manual/mod/mod_authn_dbm.html.en
index 2403487147..7242c5aa80 100644
--- a/docs/manual/mod/mod_authn_dbm.html.en
+++ b/docs/manual/mod/mod_authn_dbm.html.en
@@ -12,14 +12,15 @@
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authentication front-ends such as
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
- to authenticate users by looking up users in plain text password files.
- Similar functionality is provided by <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p>
+ to authenticate users by looking up users in <dfn>dbm</dfn> password
+ files. Similar functionality is provided by
+ <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p>
<p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
- with the 'dbm' value.</p>
+ with the <code>dbm</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdbmtype">AuthDBMType</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authdbmuserfile">AuthDBMUserFile</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
@@ -34,27 +35,25 @@ store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
- </a></th><td>mod_authn_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
- </a></th><td>Available in version 2.0.30 and later.</td></tr></table>
-
-<p>Sets the type of database file that is used to store the passwords.
-The default database type is determined at compile time. The
-availability of other types of database files also depends on
-<a href="../install.html#dbm">compile-time settings</a>.</p>
+ </a></th><td>mod_authn_dbm</td></tr></table>
+ <p>Sets the type of database file that is used to store the passwords.
+ The default database type is determined at compile time. The
+ availability of other types of database files also depends on
+ <a href="../install.html#dbm">compile-time settings</a>.</p>
-<p>It is crucial that whatever program you use to create your password
-files is configured to use the same type of database.</p>
+ <p>It is crucial that whatever program you use to create your password
+ files is configured to use the same type of database.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMUserFile" id="AuthDBMUserFile">AuthDBMUserFile</a> <a name="authdbmuserfile" id="authdbmuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a database file containing the list of users and
passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthDBMUserFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>AuthDBMUserFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_dbm</td></tr></table>
<p>The <code class="directive">AuthDBMUserFile</code> directive sets the
name of a DBM file containing the list of users and passwords for
- user authentication. <em>File-path</em> is the absolute path to
+ user authentication. <var>File-path</var> is the absolute path to
the user file.</p>
<p>The user file is keyed on the username. The value for a user is
@@ -69,8 +68,8 @@ passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Synta
download the <code class="directive">AuthDBMUserFile</code>.</p>
<p>Important compatibility note: The implementation of
- "dbmopen" in the apache modules reads the string length of the
- hashed values from the DBM data structures, rather than relying
+ <code>dbmopen</code> in the apache modules reads the string length of
+ the hashed values from the DBM data structures, rather than relying
upon the string being NULL-appended. Some applications, such as
the Netscape web server, rely upon the string being
NULL-appended, so if you are having trouble using DBM files
diff --git a/docs/manual/mod/mod_authn_default.html.en b/docs/manual/mod/mod_authn_default.html.en
new file mode 100644
index 0000000000..71338ecc51
--- /dev/null
+++ b/docs/manual/mod/mod_authn_default.html.en
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authn_default - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_default</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>Authentication fallback module</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authn_default_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authn_default.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
+ <p>This module is designed to be the fallback module, if you don't
+ have configured an authentication module like
+ <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>. It simply rejects any
+ credentials supplied by the user.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
+</ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDefaultAuthoritative" id="AuthDefaultAuthoritative">AuthDefaultAuthoritative</a> <a name="authdefaultauthoritative" id="authdefaultauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authentication is passed to lower level
+modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthDefaultAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthDefaultAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_default</td></tr></table>
+ <p>Setting the <code class="directive">AuthDefaultAuthoritative</code> directive
+ explicitly to <code>Off</code> allows for authentication to be passed on
+ to lower level modules (as defined in the <code>modules.c</code>
+ files).</p>
+
+ <div class="note"><h3>Note</h3>
+ <p>Normally there are no lower level modules, since
+ <code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code> is defined to be already on
+ a <em>very low</em> level. Therefore you should leave the value of
+ <code class="directive">AuthDefaultAuthoritative</code> as default
+ (<code>On</code>).</p>
+ </div>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authn_file.html.en b/docs/manual/mod/mod_authn_file.html.en
index 2545080be4..41da1a920e 100644
--- a/docs/manual/mod/mod_authn_file.html.en
+++ b/docs/manual/mod/mod_authn_file.html.en
@@ -10,7 +10,6 @@
</a></th><td>authn_file_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
</a></th><td>mod_authn_file.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
-
<p>This module provides authentication front-ends such as
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
to authenticate users by looking up users in plain text password files.
@@ -20,53 +19,67 @@
<code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
- with the 'file' value.</p>
-
+ with the <code>file</code> value.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authuserfile">AuthUserFile</a></li>
-</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
+</ul><h3>See also</h3><ul class="seealso"><li>
<code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
</li><li>
<code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
-</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+</li><li><a href="../programs/htpasswd.html">htpasswd</a></li><li><a href="../programs/htdigest.html">htdigest</a></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a text file containing the list of users and
passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthUserFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>AuthUserFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authn_file</td></tr></table>
<p>The <code class="directive">AuthUserFile</code> directive sets the name
of a textual file containing the list of users and passwords for
- user authentication. <em>File-path</em> is the path to the user
- file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
- with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+ user authentication. <var>File-path</var> is the path to the user
+ file. If it is not absolute, it is treated as relative to the
+ <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
<p>Each line of the user file contains a username followed by
- a colon, followed by the <code>crypt()</code> encrypted
- password. The behavior of multiple occurrences of the same user is
- undefined.</p>
+ a colon, followed by the encrypted password. If the same user
+ ID is defined multiple times, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> will
+ use the first occurrence to verify the password.</p>
<p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
which is installed as part of the binary distribution, or which
can be found in <code>src/support</code>, is used to maintain
- this password file. See the <code>man</code> page for more
- details. In short:</p>
+ the password file for <em>HTTP Basic Authentication</em>. See the
+ <a href="../programs/htpasswd.html">man page</a> for more details.
+ In short:</p>
+
+ <p>Create a password file <code>Filename</code> with
+ <code>username</code> as the initial ID. It will prompt for
+ the password:</p>
- <p>Create a password file 'Filename' with 'username' as the
- initial ID. It will prompt for the password:</p>
- <div class="example"><p><code>htpasswd -c Filename username</code></p></div>
+ <div class="example"><p><code>
+ htpasswd -c Filename username
+ </code></p></div>
- <p>Add or modify 'username2' in the password file 'Filename':</p>
- <div class="example"><p><code>htpasswd Filename username2</code></p></div>
+ <p>Add or modify <code>username2</code> in the password file
+ <code>Filename</code>:</p>
+
+ <div class="example"><p><code>
+ htpasswd Filename username2
+ </code></p></div>
<p>Note that searching large text files is <em>very</em>
inefficient; <code class="directive"><a href="../mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> should be used
instead.</p>
- <div class="note"><h3>Security</h3>
- <p>Make sure that the <code class="directive">AuthUserFile</code> is
- stored outside the document tree of the web-server; do <em>not</em>
- put it in the directory that it protects. Otherwise, clients will
- be able to download the <code class="directive">AuthUserFile</code>.</p>
+ <p>If you are using <em>HTTP Digest Authentication</em>, the <a href="../programs/htpasswd.html">htpasswd</a> tool is not sufficient.
+ You have to use <a href="../programs/htdigest.html">htdigest</a>
+ instead. Note that you cannot mix user data for Digest Authentication
+ and Basic Authentication within the same file.</p>
+
+ <div class="warning"><h3>Security</h3>
+ <p>Make sure that the <code class="directive">AuthUserFile</code> is
+ stored outside the document tree of the web-server. Do
+ <strong>not</strong> put it in the directory that it protects.
+ Otherwise, clients may be able to download the
+ <code class="directive">AuthUserFile</code>.</p>
</div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_dbm.html.en b/docs/manual/mod/mod_authz_dbm.html.en
index b3f598cc1a..224a8d03a1 100644
--- a/docs/manual/mod/mod_authz_dbm.html.en
+++ b/docs/manual/mod/mod_authz_dbm.html.en
@@ -20,14 +20,14 @@
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMGroupFile" id="AuthDBMGroupFile">AuthDBMGroupFile</a> <a name="authdbmgroupfile" id="authdbmgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of the database file containing the list
of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthDBMGroupFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>AuthDBMGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_dbm</td></tr></table>
<p>The <code class="directive">AuthDBMGroupFile</code> directive sets the
name of a DBM file containing the list of user groups for user
- authentication. <em>File-path</em> is the absolute path to the
+ authentication. <var>File-path</var> is the absolute path to the
group file.</p>
<p>The group file is keyed on the username. The value for a
@@ -35,12 +35,14 @@ of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#
belongs. There must be no whitespace within the value, and it
must never contain any colons.</p>
- <p>Security: make sure that the
- <code class="directive">AuthDBMGroupFile</code> is stored outside the
- document tree of the web-server; do <em>not</em> put it in the
- directory that it protects. Otherwise, clients will be able to
- download the <code class="directive">AuthDBMGroupFile</code> unless
- otherwise protected.</p>
+ <div class="warning"><h3>Security</h3>
+ <p>Make sure that the <code class="directive">AuthDBMGroupFile</code> is
+ stored outside the document tree of the web-server. Do
+ <strong>not</strong> put it in the directory that it protects.
+ Otherwise, clients will be able to download the
+ <code class="directive">AuthDBMGroupFile</code> unless otherwise
+ protected.</p>
+ </div>
<p>Combining Group and Password DBM files: In some cases it is
easier to manage a single database which contains both the
@@ -50,41 +52,40 @@ of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#
accomplished by first setting the group and password files to
point to the same DBM:</p>
-<div class="example"><p><code>
-AuthDBMGroupFile /www/userbase<br />
-AuthDBMUserFile /www/userbase
-</code></p></div>
+ <div class="example"><p><code>
+ AuthDBMGroupFile /www/userbase<br />
+ AuthDBMUserFile /www/userbase
+ </code></p></div>
<p>The key for the single DBM is the username. The value consists
of</p>
-<div class="example"><p><code>Unix Crypt-ed Password : List of Groups [ : (ignored)
- ]</code></p></div>
+ <div class="example"><p><code>
+ Encrypted Password : List of Groups [ : (ignored) ]
+ </code></p></div>
- <p>The password section contains the Unix <code>crypt()</code>
+ <p>The password section contains the encrypted
password as before. This is followed by a colon and the comma
separated list of groups. Other data may optionally be left in the
DBM file after another colon; it is ignored by the authentication
module. This is what www.telescope.org uses for its combined
password and group database.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMAuthoritative" id="AuthzDBMAuthoritative">AuthzDBMAuthoritative</a> <a name="authzdbmauthoritative" id="authzdbmauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthzDBMAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>AuthzDBMAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>Sets whether authorization will be passed on to lower level
+modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthzDBMAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzDBMAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_dbm</td></tr></table>
-
<p>Setting the <code class="directive">AuthzDBMAuthoritative</code>
- directive explicitly to <strong>'off'</strong> allows for both
- authentication and authorization to be passed on to lower level
- modules (as defined in the <code>Configuration</code> and
- <code>modules.c</code> file if there is <strong>no userID</strong>
- or <strong>rule</strong> matching the supplied userID. If there is
- a userID and/or rule specified; the usual password and access
- checks will be applied and a failure will give an Authorization
- Required reply.</p>
+ directive explicitly to <code>Off</code> allows group authorization
+ to be passed on to lower level modules (as defined in the
+ <code>modules.c</code> file) if there is no group found
+ for the the supplied userID. If there are any groups
+ specified, the usual checks will be applied and a failure will
+ give an Authentication Required reply.</p>
<p>So if a userID appears in the database of more than one module;
or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
@@ -93,21 +94,24 @@ AuthDBMUserFile /www/userbase
regardless of the <code class="directive">AuthAuthoritative</code> setting.</p>
<p>A common use for this is in conjunction with one of the
- auth providers; such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this
- DBM module supplies the bulk of the user credential checking; a
- few (administrator) related accesses fall through to a lower
- level with a well protected .htpasswd file.</p>
+ auth providers; such as <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> or
+ <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this DBM module supplies
+ the bulk of the user credential checking; a few (administrator) related
+ accesses fall through to a lower level with a well protected
+ <code>.htpasswd</code> file.</p>
- <p>By default, control is not passed on and an unknown userID
- or rule will result in an Authorization Required reply. Not
+ <p>By default, control is not passed on and an unknown group
+ will result in an Authentication Required reply. Not
setting it thus keeps the system secure and forces an NCSA
compliant behaviour.</p>
- <p>Security: Do consider the implications of allowing a user to
- allow fall-through in his .htaccess file; and verify that this
- is really what you want; Generally it is easier to just secure
- a single .htpasswd file, than it is to secure a database which
- might have more access interfaces.</p>
+ <div class="warning"><h3>Security</h3>
+ <p>Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single <code>.htpasswd</code> file, than it is to secure a
+ database which might have more access interfaces.</p>
+ </div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMType" id="AuthzDBMType">AuthzDBMType</a> <a name="authzdbmtype" id="authzdbmtype">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the type of database file that is used to
store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
@@ -116,14 +120,12 @@ store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
- </a></th><td>mod_authz_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
- </a></th><td>Available in version 2.0.30 and later.</td></tr></table>
-
-<p>Sets the type of database file that is used to store the passwords.
-The default database type is determined at compile time. The
-availability of other types of database files also depends on
-<a href="../install.html#dbm">compile-time settings</a>.</p>
+ </a></th><td>mod_authz_dbm</td></tr></table>
+ <p>Sets the type of database file that is used to store the passwords.
+ The default database type is determined at compile time. The
+ availability of other types of database files also depends on
+ <a href="../install.html#dbm">compile-time settings</a>.</p>
-<p>It is crucial that whatever program you use to create your password
-files is configured to use the same type of database.</p>
+ <p>It is crucial that whatever program you use to create your password
+ files is configured to use the same type of database.</p>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_default.html.en b/docs/manual/mod/mod_authz_default.html.en
new file mode 100644
index 0000000000..02b00a80ad
--- /dev/null
+++ b/docs/manual/mod/mod_authz_default.html.en
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authz_default - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_default</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>Authorization fallback module</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authz_default_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authz_default.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
+ <p>This module is designed to be the fallback module, if you don't
+ have configured an authorization module like
+ <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> or <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.
+ It simply rejects any authorization request.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
+</ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDefaultAuthoritative" id="AuthzDefaultAuthoritative">AuthzDefaultAuthoritative</a> <a name="authzdefaultauthoritative" id="authzdefaultauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization is passed to lower level
+modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthzDefaultAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzDefaultAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_default</td></tr></table>
+ <p>Setting the <code class="directive">AuthzDefaultAuthoritative</code> directive
+ explicitly to <code>Off</code> allows for authorization to be passed on
+ to lower level modules (as defined in the <code>modules.c</code>
+ files).</p>
+
+ <div class="note"><h3>Note</h3>
+ <p>Normally there are no lower level modules, since
+ <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> is defined to be already on
+ a <em>very low</em> level. Therefore you should leave the value of
+ <code class="directive">AuthzDefaultAuthoritative</code> as default
+ (<code>On</code>).</p>
+ </div>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_groupfile.html.en b/docs/manual/mod/mod_authz_groupfile.html.en
index ea7ab5d92c..eb3e4a8dde 100644
--- a/docs/manual/mod/mod_authz_groupfile.html.en
+++ b/docs/manual/mod/mod_authz_groupfile.html.en
@@ -6,78 +6,70 @@
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
--><title>mod_authz_groupfile - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_groupfile</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
</a></th><td>Group authorization using plaintext files</td></tr><tr><th><a href="module-dict.html#Status">Status:
- </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
</a></th><td>authz_groupfile_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
</a></th><td>mod_authz_groupfile.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
</a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
<p>This module provides authorization capabilities so that
- authenticated users can be allowed or denied access to portions
- of the web site by group membership. Similar functionality is
- provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
+ authenticated users can be allowed or denied access to portions
+ of the web site by group membership. Similar functionality is
+ provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authgroupfile">AuthGroupFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#authzgroupfileauthoritative">AuthzGroupFileAuthoritative</a></li>
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthGroupFile" id="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile" id="authgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Sets the name of a text file containing the list
of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthGroupFile <em>file-path</em></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code>AuthGroupFile <var>file-path</var></code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
- </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_groupfile</td></tr></table>
<p>The <code class="directive">AuthGroupFile</code> directive sets the
name of a textual file containing the list of user groups for user
- authentication. <em>File-path</em> is the path to the group
- file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
- with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+ authentication. <var>File-path</var> is the path to the group
+ file. If it is not absolute, it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
<p>Each line of the group file contains a groupname followed by a
- colon, followed by the member usernames separated by spaces.
- Example:</p>
+ colon, followed by the member usernames separated by spaces.</p>
- <div class="example"><p><code>mygroup: bob joe anne</code></p></div>
+ <div class="example"><h3>Example:</h3><p><code>
+ mygroup: bob joe anne
+ </code></p></div>
<p>Note that searching large text files is <em>very</em>
- inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> should be used
- instead.</p>
+ inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> provides a much better performance.</p>
- <div class="note"><h3>Security</h3>
- <p>Make sure that the <code class="directive">AuthGroupFile</code> is
- stored outside the document tree of the web-server; do <em>not</em>
- put it in the directory that it protects. Otherwise, clients will
- be able to download the <code class="directive">AuthGroupFile</code>.</p>
+ <div class="warning"><h3>Security</h3>
+ <p>Make sure that the <code class="directive">AuthGroupFile</code> is
+ stored outside the document tree of the web-server; do <em>not</em>
+ put it in the directory that it protects. Otherwise, clients may
+ be able to download the <code class="directive">AuthGroupFile</code>.</p>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzGroupFileAuthoritative" id="AuthzGroupFileAuthoritative">AuthzGroupFileAuthoritative</a> <a name="authzgroupfileauthoritative" id="authzgroupfileauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
- </a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code>AuthzGroupFileAuthoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
- </a></th><td><code>AuthzGroupFileAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>Sets whether authorization will be passed on to lower level
+modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthzGroupFileAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzGroupFileAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
- </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_groupfile</td></tr></table>
-
<p>Setting the <code class="directive">AuthzGroupFileAuthoritative</code>
- directive explicitly to <strong>'off'</strong> allows for
- authorization to be passed on to lower level modules (as defined in
- the <code>Configuration</code> and <code>modules.c</code> file if
- there is <strong>no userID</strong> or <strong>rule</strong> matching
- the supplied userID. If there is a userID and/or rule specified; the
- usual password and access checks will be applied and a failure will
- give an Authorization Required reply.</p>
-
- <p>So if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
- directive applies to more than one module; then the first module
- will verify the credentials; and no access is passed on;
- regardless of the <code class="directive">AuthzGroupFileAuthoritative</code>
- setting.</p>
+ directive explicitly to <code>Off</code> allows for
+ group authorization to be passed on to lower level modules (as defined
+ in the <code>modules.c</code> files) if there is <strong>no
+ group</strong> matching the supplied userID.</p>
- <p>By default, control is not passed on and an unknown userID
- or rule will result in an Authorization Required reply. Not
+ <p>By default, control is not passed on and an unknown group
+ will result in an Authentication Required reply. Not
setting it thus keeps the system secure and forces an NCSA
compliant behaviour.</p>
- <p>Security: Do consider the implications of allowing a user to
- allow fall-through in his .htaccess file; and verify that this
- is really what you want; Generally it is easier to just secure
- a single .htpasswd file, than it is to secure a database which
- might have more access interfaces.</p>
+ <div class="warning"><h3>Security</h3>
+ <p>Do consider the implications of allowing a user to
+ allow fall-through in his <code>.htaccess</code> file; and verify
+ that this is really what you want; Generally it is easier to just
+ secure a single <code>.htpasswd</code> file, than it is to secure
+ a database which might have more access interfaces.</p>
+ </div>
</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/mod_authz_host.html.en b/docs/manual/mod/mod_authz_host.html.en
index 641a443be6..aafe0ef77e 100644
--- a/docs/manual/mod/mod_authz_host.html.en
+++ b/docs/manual/mod/mod_authz_host.html.en
@@ -42,14 +42,12 @@ address)</td></tr><tr><th><a href="module-dict.html#Status">Status:
</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Allow" id="Allow">Allow</a> <a name="allow" id="allow">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Controls which hosts can access an area of the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code> Allow from
- all|<em>host</em>|env=<em>env-variable</em>
- [<em>host</em>|env=<em>env-variable</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code> Allow from all|<var>host</var>|env=<var>env-variable</var>
+[<var>host</var>|env=<var>env-variable</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_host</td></tr></table>
-
<p>The <code class="directive">Allow</code> directive affects which hosts can
access an area of the server. Access can be controlled by
hostname, IP Address, IP Address range, or by other
@@ -68,38 +66,52 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<dl>
<dt>A (partial) domain-name</dt>
- <dd>Example: <code>Allow from apache.org</code><br />
- Hosts whose names match, or end in, this string are allowed
+ <dd>
+ <div class="example"><h3>Example:</h3><p><code>
+ Allow from apache.org
+ </code></p></div>
+ <p>Hosts whose names match, or end in, this string are allowed
access. Only complete components are matched, so the above
example will match <code>foo.apache.org</code> but it will
not match <code>fooapache.org</code>. This configuration will
cause the server to perform a reverse DNS lookup on the
client IP address, regardless of the setting of the <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code>
- directive.</dd>
+ directive.</p></dd>
<dt>A full IP address</dt>
- <dd>Example: <code>Allow from 10.1.2.3</code><br />
- An IP address of a host allowed access</dd>
+ <dd>
+ <div class="example"><h3>Example:</h3><p><code>
+ Allow from 10.1.2.3
+ </code></p></div>
+ <p>An IP address of a host allowed access</p></dd>
<dt>A partial IP address</dt>
- <dd>Example: <code>Allow from 10.1</code><br />
- The first 1 to 3 bytes of an IP address, for subnet
- restriction.</dd>
+ <dd>
+ <div class="example"><h3>Example:</h3><p><code>
+ Allow from 10.1
+ </code></p></div>
+ <p>The first 1 to 3 bytes of an IP address, for subnet
+ restriction.</p></dd>
<dt>A network/netmask pair</dt>
- <dd>Example: <code>Allow from
- 10.1.0.0/255.255.0.0</code><br />
- A network a.b.c.d, and a netmask w.x.y.z. For more
- fine-grained subnet restriction.</dd>
+ <dd>
+ <div class="example"><h3>Example:</h3><p><code>
+ Allow from 10.1.0.0/255.255.0.0
+ </code></p></div>
+ <p>A network a.b.c.d, and a netmask w.x.y.z. For more
+ fine-grained subnet restriction.</p></dd>
<dt>A network/nnn CIDR specification</dt>
- <dd>Example: <code>Allow from 10.1.0.0/16</code><br />
- Similar to the previous case, except the netmask consists of
- nnn high-order 1 bits.</dd>
+ <dd>
+ <div class="example"><h3>Example:</h3><p><code>
+ Allow from 10.1.0.0/16
+ </code></p></div>
+ <p>Similar to the previous case, except the netmask consists of
+ nnn high-order 1 bits.</p></dd>
</dl>
<p>Note that the last three examples above match exactly the
@@ -116,25 +128,26 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<p>The third format of the arguments to the
<code class="directive">Allow</code> directive allows access to the server
to be controlled based on the existence of an <a href="../env.html">environment variable</a>. When <code>Allow from
- env=</code><em>env-variable</em> is specified, then the request is
- allowed access if the environment variable <em>env-variable</em>
+ env=<var>env-variable</var></code> is specified, then the request is
+ allowed access if the environment variable <var>env-variable</var>
exists. The server provides the ability to set environment
variables in a flexible way based on characteristics of the client
request using the directives provided by
- <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
+ <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
used to allow access based on such factors as the clients
<code>User-Agent</code> (browser type), <code>Referer</code>, or
other HTTP request header fields.</p>
-<div class="example"><h3>Example:</h3><p><code>
-
-SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
-&lt;Directory /docroot&gt;<br />
-   Order Deny,Allow<br />
-   Deny from all<br />
-   Allow from env=let_me_in<br />
-&lt;/Directory&gt;
-</code></p></div>
+ <div class="example"><h3>Example:</h3><p><code>
+ SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
+ &lt;Directory /docroot&gt;<br />
+ <span class="indent">
+ Order Deny,Allow<br />
+ Deny from all<br />
+ Allow from env=let_me_in<br />
+ </span>
+ &lt;/Directory&gt;
+ </code></p></div>
<p>In this case, browsers with a user-agent string beginning
with <code>KnockKnock/2.0</code> will be allowed access, and all
@@ -142,9 +155,8 @@ SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in<br />
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Deny" id="Deny">Deny</a> <a name="deny" id="deny">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
</a></th><td>Controls which hosts are denied access to the
server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code> Deny from
- all|<em>host</em>|env=<em>env-variable</em>
- [<em>host</em>|env=<em>env-variable</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td><code> Deny from all|<var>host</var>|env=<var>env-variable</var>
+[<var>host</var>|env=<var>env-variable</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
@@ -157,28 +169,27 @@ server</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
</a></th><td>Controls the default access state and the order in which
Allow and Deny are
evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
- </a></th><td><code> Order <em>ordering</em></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code> Order <var>ordering</var></code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
</a></th><td><code>Order Deny,Allow</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
</a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
</a></th><td>Limit</td></tr><tr><th><a href="directive-dict.html#Status">Status:
</a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
</a></th><td>mod_authz_host</td></tr></table>
-
<p>The <code class="directive">Order</code> directive controls the default
access state and the order in which <code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> directives are evaluated.
- <em>Ordering</em> is one of</p>
+ <var>Ordering</var> is one of</p>
<dl>
- <dt>Deny,Allow</dt>
+ <dt><code>Deny,Allow</code></dt>
<dd>The <code class="directive"><a href="#deny">Deny</a></code> directives
are evaluated before the <code class="directive"><a href="#allow">Allow</a></code> directives. Access is
- allowed by default. Any client which does not match a
+ allowed by default. Any client which does not match a
<code class="directive"><a href="#deny">Deny</a></code> directive or does
match an <code class="directive"><a href="#allow">Allow</a></code>
directive will be allowed access to the server.</dd>
- <dt>Allow,Deny</dt>
+ <dt><code>Allow,Deny</code></dt>
<dd>The <code class="directive"><a href="#allow">Allow</a></code>
directives are evaluated before the <code class="directive"><a href="#deny">Deny</a></code> directives. Access is denied
@@ -186,7 +197,7 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<code class="directive"><a href="#deny">Deny</a></code> directive will be
denied access to the server.</dd>
- <dt>Mutual-failure</dt>
+ <dt><code>Mutual-failure</code></dt>
<dd>Only those hosts which appear on the <code class="directive"><a href="#allow">Allow</a></code> list and do not appear on
the <code class="directive"><a href="#deny">Deny</a></code> list are
@@ -195,17 +206,17 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
configuration.</dd>
</dl>
- <p>Keywords may only be separated by a comma; no whitespace is
+ <p>Keywords may only be separated by a comma; <em>no whitespace</em> is
allowed between them. Note that in all cases every <code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> statement is evaluated.</p>
<p>In the following example, all hosts in the apache.org domain
are allowed access; all other hosts are denied access.</p>
-<div class="example"><p><code>
+ <div class="example"><p><code>
Order Deny,Allow<br />
Deny from all<br />
- Allow from apache.org<br />
-</code></p></div>
+ Allow from apache.org
+ </code></p></div>
<p>In the next example, all hosts in the apache.org domain are
allowed access, except for the hosts which are in the
@@ -213,11 +224,11 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
in the apache.org domain are denied access because the default
state is to deny access to the server.</p>
-<div class="example"><p><code>
- Order Allow,Deny<br />
- Allow from apache.org<br />
- Deny from foo.apache.org<br />
-</code></p></div>
+ <div class="example"><p><code>
+ Order Allow,Deny<br />
+ Allow from apache.org<br />
+ Deny from foo.apache.org
+ </code></p></div>
<p>On the other hand, if the <code class="directive">Order</code> in the last
example is changed to <code>Deny,Allow</code>, all hosts will
@@ -232,13 +243,15 @@ evaluated.</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
<p>The presence of an <code class="directive">Order</code> directive can affect
access to a part of the server even in the absence of accompanying
<code class="directive"><a href="#allow">Allow</a></code> and <code class="directive"><a href="#deny">Deny</a></code> directives because of its effect
- on the default access state. For example,</p>
+ on the default access state. For example,</p>
-<div class="example"><p><code>
+ <div class="example"><p><code>
&lt;Directory /www&gt;<br />
-   Order Allow,Deny<br />
+ <span class="indent">
+ Order Allow,Deny<br />
+ </span>
&lt;/Directory&gt;
-</code></p></div>
+ </code></p></div>
<p>will deny all access to the <code>/www</code> directory
because the default access state will be set to
diff --git a/docs/manual/mod/mod_authz_user.html.en b/docs/manual/mod/mod_authz_user.html.en
new file mode 100644
index 0000000000..20b2865bbd
--- /dev/null
+++ b/docs/manual/mod/mod_authz_user.html.en
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authz_user - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_user</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>User Authorization</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authz_user_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authz_user.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site. <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> grants
+ access if the authenticated user is listed in a <code>Require user</code>
+ directive. Alternatively <code>require valid-user</code> can be used to
+ grant access to all successfully authenticated users.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authzuserauthoritative">AuthzUserAuthoritative</a></li>
+</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzUserAuthoritative" id="AuthzUserAuthoritative">AuthzUserAuthoritative</a> <a name="authzuserauthoritative" id="authzuserauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization will be passed on to lower level
+modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td><code>AuthzUserAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzUserAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_user</td></tr></table>
+ <p>Setting the <code class="directive">AuthzUserAuthoritative</code>
+ directive explicitly to <code>Off</code> allows for
+ user authorization to be passed on to lower level modules (as defined
+ in the <code>modules.c</code> files) if there is <strong>no
+ user</strong> matching the supplied userID.</p>
+
+ <p>By default, control is not passed on and an unknown user
+ will result in an Authentication Required reply. Not
+ setting it to <code>Off</code> thus keeps the system secure and forces
+ an NCSA compliant behaviour.</p>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html> \ No newline at end of file
diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en
index dd62a58725..6d4815a56d 100644
--- a/docs/manual/mod/quickreference.html.en
+++ b/docs/manual/mod/quickreference.html.en
@@ -90,50 +90,50 @@ onto the specified content type</td></tr>
<tr><td><a href="mod_alias.html#aliasmatch">AliasMatch <var>regex</var>
<var>file-path</var>|<var>directory-path</var></a></td><td /><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps URLs to filesystem locations using regular
expressions</td></tr>
-<tr class="odd"><td><a href="mod_authz_host.html#allow"> Allow from
- all|<em>host</em>|env=<em>env-variable</em>
- [<em>host</em>|env=<em>env-variable</em>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts can access an area of the
+<tr class="odd"><td><a href="mod_authz_host.html#allow"> Allow from all|<var>host</var>|env=<var>env-variable</var>
+[<var>host</var>|env=<var>env-variable</var>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts can access an area of the
server</td></tr>
<tr><td><a href="mod_proxy.html#allowconnect">AllowCONNECT <em>port</em> [<em>port</em>] ...</a></td><td> 443 563 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Ports that are allowed to <code>CONNECT</code> through
the proxy</td></tr>
<tr class="odd"><td><a href="core.html#allowoverride">AllowOverride All|None|<var>directive-type</var>
[<var>directive-type</var>] ...</a></td><td> All </td><td>d</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Types of directives that are allowed in
.htaccess files</td></tr>
-<tr><td><a href="mod_authn_anon.html#anonymous">Anonymous <em>user</em> [<em>user</em>] ...</a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies userIDs that areallowed access without
+<tr><td><a href="mod_authn_anon.html#anonymous">Anonymous <var>user</var> [<var>user</var>] ...</a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies userIDs that areallowed access without
password verification</td></tr>
-<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_authoritative">Anonymous_Authoritative on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures if authorization will fall-through
-to other methods</td></tr>
-<tr><td><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether the password entered will be logged in the
+<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_logemail">Anonymous_LogEmail On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether the password entered will be logged in the
error log</td></tr>
-<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies whether blank passwords are allowed</td></tr>
-<tr><td><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether the userID field may be empty</td></tr>
-<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_verifyemail">Anonymous_VerifyEmail on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether to check the password field for a correctly
+<tr><td><a href="mod_authn_anon.html#anonymous_mustgiveemail">Anonymous_MustGiveEmail On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies whether blank passwords are allowed</td></tr>
+<tr class="odd"><td><a href="mod_authn_anon.html#anonymous_nouserid">Anonymous_NoUserID On|Off</a></td><td> Off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether the userID field may be empty</td></tr>
+<tr><td><a href="mod_authn_anon.html#anonymous_verifyemail">Anonymous_VerifyEmail On|Off</a></td><td> Off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether to check the password field for a correctly
formatted email address</td></tr>
-<tr><td><a href="perchild.html#assignuserid">AssignUserID <var>user_id</var> <var>group_id</var></a></td><td /><td>v</td><td>M</td></tr><tr><td class="descr" colspan="4">-</td></tr>
-<tr class="odd"><td><a href="mod_auth_basic.html#authbasicauthoritative">AuthBasicAuthoritative on|off</a></td><td> on </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization and authentication are
-passed to lower level modules</td></tr>
-<tr><td><a href="mod_auth_basic.html#authbasicprovider">AuthBasicProvider <em>provider-name</em></a></td><td /><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
-<tr class="odd"><td><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of the database file containing the list
+<tr class="odd"><td><a href="perchild.html#assignuserid">AssignUserID <var>user_id</var> <var>group_id</var></a></td><td /><td>v</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">-</td></tr>
+<tr><td><a href="mod_auth_basic.html#authbasicauthoritative">AuthBasicAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization and authentication are passed to
+lower level modules</td></tr>
+<tr class="odd"><td><a href="mod_auth_basic.html#authbasicprovider">AuthBasicProvider On|Off|<var>provider-name</var>
+[<var>provider-name</var>] ...</a></td><td> On </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
+<tr><td><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of the database file containing the list
of user groups for authentication</td></tr>
-<tr><td><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the type of database file that is used to
+<tr class="odd"><td><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the type of database file that is used to
store passwords</td></tr>
-<tr class="odd"><td><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a database file containing the list of users and
+<tr><td><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile <var>file-path</var></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of a database file containing the list of users and
passwords for authentication</td></tr>
+<tr class="odd"><td><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authentication is passed to lower level
+modules</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm MD5|MD5-sess</a></td><td> MD5 </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Selects the algorithm used to calculate the challenge and
response hases in digest authentication</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">URIs that are in the same protection space for digest
authentication</td></tr>
-<tr><td><a href="mod_auth_digest.html#authdigestfile">AuthDigestFile <var>file-path</var></a></td><td /><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Location of the text file containing the list
-of users and encoded passwords for digest authentication</td></tr>
-<tr class="odd"><td><a href="mod_auth_digest.html#authdigestgroupfile">AuthDigestGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the text file containing the list of groups
-for digest authentication</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck On|Off</a></td><td> Off </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Enables or disables checking of the nonce-count sent by the
server</td></tr>
<tr class="odd"><td><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat <var>format</var></a></td><td /><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines how the nonce is generated</td></tr>
<tr><td><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime <var>seconds</var></a></td><td> 300 </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">How long the server nonce is valid</td></tr>
-<tr class="odd"><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider On|Off|<var>provider-name</var>
+[<var>provider-name</var>] ...</a></td><td /><td>d</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
+<tr><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
authentication</td></tr>
-<tr><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <em>file-path</em></a></td><td /><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize <var>size</var></a></td><td> 1000 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The amount of shared memory to allocate for keeping track
+of clients</td></tr>
+<tr><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <var>file-path</var></a></td><td /><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list
of user groups for authentication</td></tr>
<tr class="odd"><td><a href="mod_auth_ldap.html#authldapauthoritative">AuthLDAPAuthoritative on|off</a></td><td> on </td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Prevent other authentication modules from
authenticating the user if this one fails</td></tr>
@@ -153,12 +153,18 @@ environment variable</td></tr>
<tr class="odd"><td><a href="core.html#authname">AuthName <var>auth-domain</var></a></td><td /><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Authorization realm for use in HTTP
authentication</td></tr>
<tr><td><a href="core.html#authtype">AuthType Basic|Digest</a></td><td /><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Type of user authentication</td></tr>
-<tr class="odd"><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <em>file-path</em></a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
+<tr class="odd"><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <var>file-path</var></a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
passwords for authentication</td></tr>
-<tr><td><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level modules</td></tr>
+<tr><td><a href="mod_authz_dbm.html#authzdbmauthoritative">AuthzDBMAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
+modules</td></tr>
<tr class="odd"><td><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the type of database file that is used to
store passwords</td></tr>
-<tr><td><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level modules</td></tr>
+<tr><td><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization is passed to lower level
+modules</td></tr>
+<tr class="odd"><td><a href="mod_authz_groupfile.html#authzgroupfileauthoritative">AuthzGroupFileAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
+modules</td></tr>
+<tr><td><a href="mod_authz_user.html#authzuserauthoritative">AuthzUserAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization will be passed on to lower level
+modules</td></tr>
<tr class="odd"><td><a href="mod_setenvif.html#browsermatch" id="B" name="B">BrowserMatch <em>regex [!]env-variable</em>[=<em>value</em>]
[[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td /><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables conditional on HTTP User-Agent
</td></tr>
@@ -245,9 +251,8 @@ server cannot determine a type in any other way</td></tr>
<tr><td><a href="mod_deflate.html#deflatefilternote">DeflateFilterNote <var>notename</var></a></td><td /><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Places the compression ratio in a note for logging</td></tr>
<tr class="odd"><td><a href="mod_deflate.html#deflatememlevel">DeflateMemLevel <var>value</var></a></td><td> 9 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">How much memory should be used by zlib for compression</td></tr>
<tr><td><a href="mod_deflate.html#deflatewindowsize">DeflateWindowSize <var>value</var></a></td><td> 15 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Zlib compression window size</td></tr>
-<tr class="odd"><td><a href="mod_authz_host.html#deny"> Deny from
- all|<em>host</em>|env=<em>env-variable</em>
- [<em>host</em>|env=<em>env-variable</em>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
+<tr class="odd"><td><a href="mod_authz_host.html#deny"> Deny from all|<var>host</var>|env=<var>env-variable</var>
+[<var>host</var>|env=<var>env-variable</var>] ...</a></td><td /><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
server</td></tr>
<tr><td><a href="core.html#directory">&lt;Directory <var>directory-path</var>&gt;
... &lt;/Directory&gt;</a></td><td /><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Enclose a group of directives that apply only to the
@@ -415,7 +420,7 @@ to directly</td></tr>
<tr><td><a href="core.html#options" id="O" name="O">Options
[+|-]<var>option</var> [[+|-]<var>option</var>] ...</a></td><td> All </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures what features are available in a particular
directory</td></tr>
-<tr class="odd"><td><a href="mod_authz_host.html#order"> Order <em>ordering</em></a></td><td> Deny,Allow </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the default access state and the order in which
+<tr class="odd"><td><a href="mod_authz_host.html#order"> Order <var>ordering</var></a></td><td> Deny,Allow </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the default access state and the order in which
<code class="directive">Allow</code> and <code class="directive">Deny</code> are
evaluated.</td></tr>
<tr><td><a href="mod_env.html#passenv" id="P" name="P">PassEnv <var>env-variable</var> [<var>env-variable</var>]
diff --git a/docs/manual/sitemap.html.en b/docs/manual/sitemap.html.en
index a24657ce92..a8bdc401d3 100644
--- a/docs/manual/sitemap.html.en
+++ b/docs/manual/sitemap.html.en
@@ -98,10 +98,13 @@ Server on HPUX</a></li>
<li><a href="mod/mod_auth_ldap.html">Apache Module mod_auth_ldap</a></li>
<li><a href="mod/mod_authn_anon.html">Apache Module mod_authn_anon</a></li>
<li><a href="mod/mod_authn_dbm.html">Apache Module mod_authn_dbm</a></li>
+<li><a href="mod/mod_authn_default.html">Apache Module mod_authn_default</a></li>
<li><a href="mod/mod_authn_file.html">Apache Module mod_authn_file</a></li>
<li><a href="mod/mod_authz_dbm.html">Apache Module mod_authz_dbm</a></li>
+<li><a href="mod/mod_authz_default.html">Apache Module mod_authz_default</a></li>
<li><a href="mod/mod_authz_groupfile.html">Apache Module mod_authz_groupfile</a></li>
<li><a href="mod/mod_authz_host.html">Apache Module mod_authz_host</a></li>
+<li><a href="mod/mod_authz_user.html">Apache Module mod_authz_user</a></li>
<li><a href="mod/mod_autoindex.html">Apache Module mod_autoindex</a></li>
<li><a href="mod/mod_cache.html">Apache Module mod_cache</a></li>
<li><a href="mod/mod_cern_meta.html">Apache Module mod_cern_meta</a></li>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 23:40:08 +0100