blob: edf7ba11618ee95be15d3ffa53904683370d63b8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<HEAD>
<TITLE>Apache module mod_auth</TITLE>
</HEAD>
<BODY>
<!--#include virtual="header.html" -->
<H1>Module mod_auth</h1>
This module is contained in the <code>mod_auth.c</code> file, and
is compiled in by default. It provides for user authentication using
textual files.
<menu>
<li><A HREF="#authgroupfile">AuthGroupFile</A>
<li><A HREF="#authuserfile">AuthUserFile</A>
</menu>
<hr>
<A name="authgroupfile"><h2>AuthGroupFile</h2></A>
<!--%plaintext <?INDEX {\tt AuthGroupFile} directive> -->
<strong>Syntax:</strong> AuthGroupFile <em>filename</em><br>
<Strong>Context:</strong> directory, .htaccess<br>
<Strong>Override:</strong> AuthConfig<br>
<strong>Status:</strong> Base<br>
<strong>Module:</strong> mod_auth<p>
The AuthGroupFile directive sets the name of a textual file containing the list
of user groups for user authentication. <em>Filename</em> is the absolute path
to the group file.<p>
Each line of the group file contains a groupname followed by a colon, followed
by the member usernames separated by spaces. Example:
<blockquote><code>mygroup: bob joe anne</code></blockquote>
Note that searching large groups files is <em>very</em> inefficient;
<A HREF="mod_auth_dbm.html#authdbmgroupfile">AuthDBMGroupFile</A> should
be used instead.<p>
Security: make sure that the AuthGroupFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the AuthGroupFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
<A HREF="#authuserfile">AuthUserFile</A>.<p><hr>
<A name="authuserfile"><h2>AuthUserFile</h2></A>
<!--%plaintext <?INDEX {\tt AuthUserFile} directive> -->
<strong>Syntax:</strong> AuthUserFile <em>filename</em><br>
<Strong>Context:</strong> directory, .htaccess<br>
<Strong>Override:</strong> AuthConfig<br>
<strong>Status:</strong> Base<br>
<strong>Module:</strong> mod_auth<p>
The AuthUserFile directive sets the name of a textual file containing the list
of users and passwords for user authentication. <em>Filename</em> is the
absolute path to the user file.<p>
Each line of the user file file contains a username followed by a colon,
followed by the crypt() encrypted password. The behaviour of multiple
occurrences of the same user is undefined.<p>
Note that searching user groups files is inefficient;
<A HREF="mod_auth_dbm.html#authdbmuserfile">AuthDBMUserFile</A> should
be used instead.<p>
Security: make sure that the AuthUserFile is stored outside the
document tree of the webserver; do <em>not</em> put it in the directory that
it protects. Otherwise, clients will be able to download the AuthUserFile.<p>
See also <A HREF="core.html#authname">AuthName</A>,
<A HREF="core.html#authtype">AuthType</A> and
<A HREF="#authgroupfile">AuthGroupFile</A>.<p>
<!--#include virtual="footer.html" -->
</BODY>
</HTML>
|
