2 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
3 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Copyright 2002-2006 The Apache Software Foundation or its licensors, as
10 Licensed under the Apache License, Version 2.0 (the "License");
11 you may not use this file except in compliance with the License.
12 You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <modulesynopsis metafile="mod_auth_basic.xml.meta">
25 <name>mod_auth_basic</name>
26 <description>Basic authentication</description>
28 <sourcefile>mod_auth_basic.c</sourcefile>
29 <identifier>auth_basic_module</identifier>
30 <compatibility>Available in Apache 2.1 and later</compatibility>
33 <p>This module allows the use of HTTP Basic Authentication to
34 restrict access by looking up users in the given providers.
35 HTTP Digest Authentication is provided by
36 <module>mod_auth_digest</module>. This module should
37 usually be combined with at least one authentication module
38 such as <module>mod_authn_file</module> and one authorization
39 module such as <module>mod_authz_user</module>.</p>
41 <seealso><directive module="mod_authn_core">AuthName</directive></seealso>
42 <seealso><directive module="mod_authn_core">AuthType</directive></seealso>
43 <seealso><directive module="mod_authz_core">Require</directive></seealso>
44 <seealso><directive module="mod_authz_core">Reject</directive></seealso>
45 <seealso><directive module="mod_access_compat">Satisfy</directive> (Deprecated)</seealso>
46 <seealso><directive module="mod_authz_core"><SatisfyAll></directive></seealso>
47 <seealso><directive module="mod_authz_core"><SatisfyOne></directive></seealso>
48 <seealso><a href="../howto/auth.html">Authentication howto</a></seealso>
51 <name>AuthBasicProvider</name>
52 <description>Sets the authentication provider(s) for this location</description>
53 <syntax>AuthBasicProvider <var>provider-name</var>
54 [<var>provider-name</var>] ...</syntax>
55 <default>AuthBasicProvider file</default>
56 <contextlist><context>directory</context><context>.htaccess</context>
58 <override>AuthConfig</override>
61 <p>The <directive>AuthBasicProvider</directive> directive sets
62 which provider is used to authenticate the users for this location.
63 The default <code>file</code> provider is implemented
64 by the <module>mod_authn_file</module> module. Make sure
65 that the chosen provider module is present in the server.</p>
67 <example><title>Example</title>
68 <Location /secure><br />
71 AuthName "private area"<br />
72 AuthBasicProvider dbm<br />
73 AuthDBMType SDBM<br />
74 AuthDBMUserFile /www/etc/dbmpasswd<br />
75 Require valid-user<br />
80 <p>Providers are implemented by <module>mod_authn_dbm</module>,
81 <module>mod_authn_file</module>, <module>mod_authn_dbd</module>,
82 and <module>mod_authnz_ldap</module>.</p>
87 <name>AuthBasicAuthoritative</name>
88 <description>Sets whether authorization and authentication are passed to
89 lower level modules</description>
90 <syntax>AuthBasicAuthoritative On|Off</syntax>
91 <default>AuthBasicAuthoritative On</default>
92 <contextlist><context>directory</context><context>.htaccess</context>
94 <override>AuthConfig</override>
97 <p>Normally, each authorization module listed in <directive
98 module="mod_auth_basic">AuthBasicProvider</directive> will attempt
99 to verify the user, and if the user is not found in any provider,
100 access will be denied. Setting the
101 <directive>AuthBasicAuthoritative</directive> directive explicitly
102 to <code>Off</code> allows for both authentication and
103 authorization to be passed on to other non-provider-based modules
104 if there is <strong>no userID</strong> or <strong>rule</strong>
105 matching the supplied userID. This should only be necessary when
106 combining <module>mod_auth_basic</module> with third-party modules
107 that are not configured with the <directive
108 module="mod_auth_basic">AuthBasicProvider</directive>
109 directive. When using such modules, the order of processing
110 is determined in the modules' source code and is not configurable.</p>