1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
7 --><title>mod_auth_basic - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.1</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.1</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_auth_basic</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
8 </a></th><td>Basic authentication</td></tr><tr><th><a href="module-dict.html#Status">Status:
9 </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
10 </a></th><td>auth_basic_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
11 </a></th><td>mod_auth_basic.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
12 </a></th><td>Available in Apache 2.1 and later</td></tr></table><h3>Summary</h3>
13 <p>This module allows the use of HTTP Basic Authentication to
14 restrict access by looking up users in the given providers.
15 HTTP Digest Authentication is provided by
16 <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>.</p>
17 </div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authbasicauthoritative">AuthBasicAuthoritative</a></li>
18 <li><img alt="" src="../images/down.gif" /> <a href="#authbasicprovider">AuthBasicProvider</a></li>
19 </ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
20 </a></th><td>Sets whether authorization and authentication are passed to
21 lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
22 </a></th><td><code>AuthBasicAuthoritative On|Off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
23 </a></th><td><code>AuthBasicAuthoritative On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
24 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
25 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
26 </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
27 </a></th><td>mod_auth_basic</td></tr></table>
28 <p>Setting the <code class="directive">AuthBasicAuthoritative</code> directive
29 explicitly to <code>Off</code> allows for both
30 authentication and authorization to be passed on to lower level
31 modules (as defined in the <code>modules.c</code> files) if there is
32 <strong>no userID</strong> or <strong>rule</strong> matching the
33 supplied userID. If there is a userID and/or rule specified, the usual
34 password and access checks will be applied and a failure will give
35 an Authorization Required reply.</p>
37 <p>So if a userID appears in the database of more than one module;
38 or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
39 directive applies to more than one module; then the first module
40 will verify the credentials; and no access is passed on;
41 regardless of the AuthAuthoritative setting.</p>
43 <p>By default control is not passed on and an unknown userID or
44 rule will result in an Authorization Required reply. Not setting
45 it thus keeps the system secure and forces an NCSA compliant
47 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicProvider" id="AuthBasicProvider">AuthBasicProvider</a> <a name="authbasicprovider" id="authbasicprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
48 </a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
49 </a></th><td><code>AuthBasicProvider On|Off|<var>provider-name</var>
50 [<var>provider-name</var>] ...</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
51 </a></th><td><code>AuthBasicProvider On</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
52 </a></th><td>directory</td></tr><tr><th><a href="directive-dict.html#Status">Status:
53 </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
54 </a></th><td>mod_auth_basic</td></tr></table>
55 <p>The <code class="directive">AuthBasicProvider</code> directive sets
56 which provider is used to authenticate the users for this location.
57 Setting the value to <code>On</code> will choose the default provider
58 (<code>file</code>). Since the <code>file</code> provider is implemented
59 by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module, you have to make sure,
60 that the module is present in the server.</p>
62 <div class="example"><h3>Example</h3><p><code>
63 <Location /secure><br />
65 AuthBasicProvider dbm<br />
66 AuthDBMType SDBM<br />
67 AuthDBMUserFile /www/etc/dbmpasswd<br />
68 Require valid-user<br />
73 <p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> and <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
76 <p>The value <code>Off</code> clears the provider list and sets it back
78 </div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>