1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
7 --><title>mod_authn_anon - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_anon</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
8 </a></th><td>Allows "anonymous" user access to authenticated
9 areas</td></tr><tr><th><a href="module-dict.html#Status">Status:
10 </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
11 </a></th><td>authn_anon_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
12 </a></th><td>mod_authn_anon.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
13 </a></th><td>Available in Apache 2.0.44 and later</td></tr></table><h3>Summary</h3>
14 <p>This module does access control in a manner similar to
15 anonymous-ftp sites; <em>i.e.</em> have a 'magic' user id
16 'anonymous' and the email address as a password. These email
17 addresses can be logged.</p>
19 <p>Combined with other (database) access control methods, this
20 allows for effective user tracking and customization according
21 to a user profile while still keeping the site open for
22 'unregistered' users. One advantage of using Auth-based user
23 tracking is that, unlike magic-cookies and funny URL
24 pre/postfixes, it is completely browser independent and it
25 allows users to share URLs.</p>
26 </div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous</a></li>
27 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_authoritative">Anonymous_Authoritative</a></li>
28 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_logemail">Anonymous_LogEmail</a></li>
29 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></li>
30 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_nouserid">Anonymous_NoUserID</a></li>
31 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li>
32 </ul><h3>Topics</h3><ul id="topics"><li><img alt="" src="../images/down.gif" /> Example</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="section"><h2>Example</h2>
34 <p>The example below (when combined with the Auth directives of a
35 htpasswd-file based (or GDM, mSQL <em>etc.</em>) base access
36 control system allows users in as 'guests' with the following
40 <li>It insists that the user enters a userId.
41 (<code>Anonymous_NoUserId</code>)</li>
43 <li>It insists that the user enters a password.
44 (<code>Anonymous_MustGiveEmail</code>)</li>
46 <li>The password entered must be a valid email address, ie.
47 contain at least one '@' and a '.'.
48 (<code>Anonymous_VerifyEmail</code>)</li>
50 <li>The userID must be one of <code>anonymous guest www test
51 welcome</code> and comparison is <strong>not</strong> case
54 <li>And the Email addresses entered in the passwd field are
55 logged to the error log file
56 (<code>Anonymous_LogEmail</code>)</li>
59 <p>Excerpt of httpd.conf:</p>
61 <div class="example"><p><code>
62 Anonymous_NoUserId off<br />
63 Anonymous_MustGiveEmail on<br />
64 Anonymous_VerifyEmail on<br />
65 Anonymous_LogEmail on<br />
66 Anonymous anonymous guest www test welcome<br />
68 AuthName "Use 'anonymous' & Email address for
73 AuthUserFile/AuthDBUserFile/AuthDBMUserFile<br />
74 # directive must be specified, or use<br />
75 # Anonymous_Authoritative for public access.<br />
76 # In the .htaccess for the public directory, add:<br />
78 Order Deny,Allow<br />
81 Require valid-user<br />
84 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous" id="Anonymous">Anonymous</a> <a name="anonymous" id="anonymous">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
85 </a></th><td>Specifies userIDs that areallowed access without
86 password verification</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
87 </a></th><td><code>Anonymous <em>user</em> [<em>user</em>] ...</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
88 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
89 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
90 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
91 </a></th><td>mod_authn_anon</td></tr></table>
92 <p>A list of one or more 'magic' userIDs which are allowed
93 access without password verification. The userIDs are space
94 separated. It is possible to use the ' and " quotes to allow a
95 space in a userID as well as the \ escape character.</p>
97 <p>Please note that the comparison is
98 <strong>case-IN-sensitive</strong>.<br />
99 I strongly suggest that the magic username
100 '<code>anonymous</code>' is always one of the allowed
104 <div class="example"><p><code>Anonymous anonymous "Not Registered" 'I don\'t know'</code></p></div>
106 <p>This would allow the user to enter without password
107 verification by using the userId's 'anonymous',
108 'AnonyMous','Not Registered' and 'I Don't Know'.</p>
109 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_Authoritative" id="Anonymous_Authoritative">Anonymous_Authoritative</a> <a name="anonymous_authoritative" id="anonymous_authoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
110 </a></th><td>Configures if authorization will fall-through
111 to other methods</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
112 </a></th><td><code>Anonymous_Authoritative on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
113 </a></th><td><code>Anonymous_Authoritative off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
114 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
115 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
116 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
117 </a></th><td>mod_authn_anon</td></tr></table>
118 <p>When set 'on', there is no fall-through to other authorization
119 methods. So if a userID does not match the values specified in the
120 <code class="directive"><a href="#anonymous">Anonymous</a></code> directive,
121 access is denied.</p>
123 <p>Be sure you know what you are doing when you decide to
124 switch it on. And remember that it is the linking order of the
125 modules (in the Configuration / Make file) which details the
126 order in which the Authorization modules are queried.</p>
127 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_LogEmail" id="Anonymous_LogEmail">Anonymous_LogEmail</a> <a name="anonymous_logemail" id="anonymous_logemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
128 </a></th><td>Sets whether the password entered will be logged in the
129 error log</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
130 </a></th><td><code>Anonymous_LogEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
131 </a></th><td><code>Anonymous_LogEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
132 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
133 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
134 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
135 </a></th><td>mod_authn_anon</td></tr></table>
136 <p>When set <code>on</code>, the default, the 'password' entered
137 (which hopefully contains a sensible email address) is logged in
139 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_MustGiveEmail" id="Anonymous_MustGiveEmail">Anonymous_MustGiveEmail</a> <a name="anonymous_mustgiveemail" id="anonymous_mustgiveemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
140 </a></th><td>Specifies whether blank passwords are allowed</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
141 </a></th><td><code>Anonymous_MustGiveEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
142 </a></th><td><code>Anonymous_MustGiveEmail on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
143 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
144 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
145 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
146 </a></th><td>mod_authn_anon</td></tr></table>
147 <p>Specifies whether the user must specify an email address as
148 the password. This prohibits blank passwords.</p>
149 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_NoUserID" id="Anonymous_NoUserID">Anonymous_NoUserID</a> <a name="anonymous_nouserid" id="anonymous_nouserid">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
150 </a></th><td>Sets whether the userID field may be empty</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
151 </a></th><td><code>Anonymous_NoUserID on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
152 </a></th><td><code>Anonymous_NoUserID off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
153 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
154 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
155 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
156 </a></th><td>mod_authn_anon</td></tr></table>
157 <p>When set <code>on</code>, users can leave the userID (and
158 perhaps the password field) empty. This can be very convenient for
159 MS-Explorer users who can just hit return or click directly on the
160 OK button; which seems a natural reaction.</p>
161 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="Anonymous_VerifyEmail" id="Anonymous_VerifyEmail">Anonymous_VerifyEmail</a> <a name="anonymous_verifyemail" id="anonymous_verifyemail">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
162 </a></th><td>Sets whether to check the password field for a correctly
163 formatted email address</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
164 </a></th><td><code>Anonymous_VerifyEmail on|off</code></td></tr><tr><th><a href="directive-dict.html#Default">Default:
165 </a></th><td><code>Anonymous_VerifyEmail off</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
166 </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
167 </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
168 </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
169 </a></th><td>mod_authn_anon</td></tr></table>
170 <p>When set <code>on</code> the 'password' entered is checked for
171 at least one '@' and a '.' to encourage users to enter valid email
172 addresses (see the above <code class="directive"><a href="#auth_logemail">Auth_LogEmail</a></code>).</p>
173 </div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
projects / apache / blob