<module>mod_ldap</module> to increase the performance of HTTP Basic
authentication provided by <module>mod_authnz_ldap</module>.</p>
- <example>
- # Enable the LDAP connection pool and shared<br />
- # memory cache. Enable the LDAP cache status<br />
- # handler. Requires that mod_ldap and mod_authnz_ldap<br />
- # be loaded. Change the "yourdomain.example.com" to<br />
- # match your domain.<br />
- <br />
- LDAPSharedCacheSize 500000<br />
- LDAPCacheEntries 1024<br />
- LDAPCacheTTL 600<br />
- LDAPOpCacheEntries 1024<br />
- LDAPOpCacheTTL 600<br />
- <br />
- <Location /ldap-status><br />
- <indent>
- SetHandler ldap-status<br />
-
- Require host yourdomain.example.com<br />
-
- Satisfy any<br />
- AuthType Basic<br />
- AuthName "LDAP Protected"<br />
- AuthBasicProvider ldap<br />
- AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one<br />
- Require valid-user<br />
- </indent>
- </Location>
- </example>
+ <highlight language="config">
+# Enable the LDAP connection pool and shared
+# memory cache. Enable the LDAP cache status
+# handler. Requires that mod_ldap and mod_authnz_ldap
+# be loaded. Change the "yourdomain.example.com" to
+# match your domain.
+
+LDAPSharedCacheSize 500000
+LDAPCacheEntries 1024
+LDAPCacheTTL 600
+LDAPOpCacheEntries 1024
+LDAPOpCacheTTL 600
+
+<Location /ldap-status>
+ SetHandler ldap-status
+
+ Require host yourdomain.example.com
+
+ Satisfy any
+ AuthType Basic
+ AuthName "LDAP Protected"
+ AuthBasicProvider ldap
+ AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one
+ Require valid-user
+</Location>
+ </highlight>
</section>
<section id="pool"><title>LDAP Connection Pool</title>
following directives could be used to access the
<module>mod_ldap</module> cache information:</p>
- <example>
- <Location /server/cache-info><br />
- <indent>
- SetHandler ldap-status<br />
- </indent>
- </Location>
- </example>
+ <highlight language="config">
+<Location /server/cache-info>
+ SetHandler ldap-status
+</Location>
+ </highlight>
<p>By fetching the URL <code>http://servername/cache-info</code>,
the administrator can get a status report of every cache that is used
optional client certificates to be used, as well as the type of
encryption to be used on the connection (none, SSL or TLS/STARTTLS).</p>
- <example>
- # Establish an SSL LDAP connection on port 636. Requires that <br />
- # mod_ldap and mod_authnz_ldap be loaded. Change the <br />
- # "yourdomain.example.com" to match your domain.<br />
- <br />
- LDAPTrustedGlobalCert CA_DER /certs/certfile.der<br />
- <br />
- <Location /ldap-status><br />
- <indent>
- SetHandler ldap-status<br />
-
- Require host yourdomain.example.com<br />
-
- Satisfy any<br />
- AuthType Basic<br />
- AuthName "LDAP Protected"<br />
- AuthBasicProvider ldap<br />
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
- Require valid-user<br />
- </indent>
- </Location>
- </example>
-
- <example>
- # Establish a TLS LDAP connection on port 389. Requires that <br />
- # mod_ldap and mod_authnz_ldap be loaded. Change the <br />
- # "yourdomain.example.com" to match your domain.<br />
- <br />
- LDAPTrustedGlobalCert CA_DER /certs/certfile.der<br />
- <br />
- <Location /ldap-status><br />
- <indent>
- SetHandler ldap-status<br />
-
- Require host yourdomain.example.com<br />
-
- Satisfy any<br />
- AuthType Basic<br />
- AuthName "LDAP Protected"<br />
- AuthBasicProvider ldap<br />
- AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS<br />
- Require valid-user<br />
- </indent>
- </Location>
- </example>
+ <highlight language="config">
+# Establish an SSL LDAP connection on port 636. Requires that
+# mod_ldap and mod_authnz_ldap be loaded. Change the
+# "yourdomain.example.com" to match your domain.
+
+LDAPTrustedGlobalCert CA_DER /certs/certfile.der
+
+<Location /ldap-status>
+ SetHandler ldap-status
+
+ Require host yourdomain.example.com
+
+ Satisfy any
+ AuthType Basic
+ AuthName "LDAP Protected"
+ AuthBasicProvider ldap
+ AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
+ Require valid-user
+</Location>
+ </highlight>
+
+ <highlight language="config">
+# Establish a TLS LDAP connection on port 389. Requires that
+# mod_ldap and mod_authnz_ldap be loaded. Change the
+# "yourdomain.example.com" to match your domain.
+
+LDAPTrustedGlobalCert CA_DER /certs/certfile.der
+
+<Location /ldap-status>
+ SetHandler ldap-status
+
+ Require host yourdomain.example.com
+
+ Satisfy any
+ AuthType Basic
+ AuthName "LDAP Protected"
+ AuthBasicProvider ldap
+ AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS
+ Require valid-user
+</Location>
+ </highlight>
</section>
an error when an attempt is made to contact the LDAP server at
runtime.</p>
- <example>
- # Specify a Netscape CA certificate file<br />
- LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db<br />
- # Specify an optional key3.db file for client certificate support<br />
- LDAPTrustedGlobalCert CERT_KEY3_DB /certs/key3.db<br />
- # Specify the secmod file if required<br />
- LDAPTrustedGlobalCert CA_SECMOD /certs/secmod<br />
- <Location /ldap-status><br />
- <indent>
- SetHandler ldap-status<br />
-
- Require host yourdomain.example.com<br />
-
- Satisfy any<br />
- AuthType Basic<br />
- AuthName "LDAP Protected"<br />
- AuthBasicProvider ldap<br />
- LDAPTrustedClientCert CERT_NICKNAME <nickname> [password]<br />
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
- Require valid-user<br />
- </indent>
- </Location>
- </example>
+ <highlight language="config">
+# Specify a Netscape CA certificate file
+LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db
+# Specify an optional key3.db file for client certificate support
+LDAPTrustedGlobalCert CERT_KEY3_DB /certs/key3.db
+# Specify the secmod file if required
+LDAPTrustedGlobalCert CA_SECMOD /certs/secmod
+<Location /ldap-status>
+ SetHandler ldap-status
+
+ Require host yourdomain.example.com
+
+ Satisfy any
+ AuthType Basic
+ AuthName "LDAP Protected"
+ AuthBasicProvider ldap
+ LDAPTrustedClientCert CERT_NICKNAME <nickname> [password]
+ AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
+ Require valid-user
+</Location>
+ </highlight>
</section>
LDAPTrustedMode parameter. If an ldaps:// URL is specified,
SSL mode is forced, override this directive.</p>
- <example>
- # Specify two CA certificate files<br />
- LDAPTrustedGlobalCert CA_DER /certs/cacert1.der<br />
- LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem<br />
- # Specify a client certificate file and key<br />
- LDAPTrustedGlobalCert CERT_BASE64 /certs/cert1.pem<br />
- LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password]<br />
- # Do not use this directive, as it will throw an error<br />
- #LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem<br />
- </example>
+ <highlight language="config">
+# Specify two CA certificate files
+LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
+LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
+# Specify a client certificate file and key
+LDAPTrustedGlobalCert CERT_BASE64 /certs/cert1.pem
+LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password]
+# Do not use this directive, as it will throw an error
+#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
+ </highlight>
</section>
(ldaps://) support has been deprecated to be replaced with TLS,
although the SSL functionality still works.</p>
- <example>
- # Specify two CA certificate files<br />
- LDAPTrustedGlobalCert CA_DER /certs/cacert1.der<br />
- LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem<br />
- <Location /ldap-status><br />
- <indent>
- SetHandler ldap-status<br />
-
- Require host yourdomain.example.com<br />
-
- LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem<br />
- LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem<br />
- # CA certs respecified due to per-directory client certs<br />
- LDAPTrustedClientCert CA_DER /certs/cacert1.der<br />
- LDAPTrustedClientCert CA_BASE64 /certs/cacert2.pem<br />
- Satisfy any<br />
- AuthType Basic<br />
- AuthName "LDAP Protected"<br />
- AuthBasicProvider ldap<br />
- AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one<br />
- Require valid-user<br />
- </indent>
- </Location>
- </example>
+ <highlight language="config">
+# Specify two CA certificate files
+LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
+LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
+<Location /ldap-status>
+ SetHandler ldap-status
+
+ Require host yourdomain.example.com
+
+ LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
+ LDAPTrustedClientCert KEY_BASE64 /certs/key1.pem
+ # CA certs respecified due to per-directory client certs
+ LDAPTrustedClientCert CA_DER /certs/cacert1.der
+ LDAPTrustedClientCert CA_BASE64 /certs/cacert2.pem
+ Satisfy any
+ AuthType Basic
+ AuthName "LDAP Protected"
+ AuthBasicProvider ldap
+ AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
+ Require valid-user
+</Location>
+ </highlight>
</section>
<p>For example, the following two sets of directives have
exactly the same effect:</p>
- <example>
- # CustomLog with format nickname<br />
- LogFormat "%h %l %u %t \"%r\" %>s %b" common<br />
- CustomLog logs/access_log common<br />
- <br />
- # CustomLog with explicit format string<br />
- CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"
- </example>
+ <highlight language="config">
+# CustomLog with format nickname
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+CustomLog logs/access_log common
+
+# CustomLog with explicit format string
+CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"
+ </highlight>
<p>The third argument is optional and controls whether or
not to log a particular request. The condition can be the
images on your server in a separate logfile but not in your main
log, you can use:</p>
- <example>
- SetEnvIf Request_URI \.gif$ gif-image<br />
- CustomLog gif-requests.log common env=gif-image<br />
- CustomLog nongif-requests.log common env=!gif-image
- </example>
+ <highlight language="config">
+SetEnvIf Request_URI \.gif$ gif-image
+CustomLog gif-requests.log common env=gif-image
+CustomLog nongif-requests.log common env=!gif-image
+ </highlight>
<p>Or, to reproduce the behavior of the old RefererIgnore
directive, you might use the following:</p>
- <example>
- SetEnvIf Referer example\.com localreferer<br />
- CustomLog referer.log referer env=!localreferer
- </example>
+ <highlight language="config">
+SetEnvIf Referer example\.com localreferer
+CustomLog referer.log referer env=!localreferer
+ </highlight>
</usage>
</directivesynopsis>
percent signs (<code>%</code>).</p>
<example><title>Example</title>
+ <highlight language="config">
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
+ </highlight>
</example>
+
</usage>
</directivesynopsis>
other format has been specified.</p>
<example><title>Example</title>
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""<br />
- TransferLog logs/access_log
+ <highlight language="config">
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
+TransferLog logs/access_log
+ </highlight>
</example>
</usage>
</directivesynopsis>
<p>The basic module loading directive is</p>
-<example>
+<highlight language="config">
LoadModule lua_module modules/mod_lua.so
-</example>
+</highlight>
<p>
<code>mod_lua</code> provides a handler named <code>lua-script</code>,
which can be used with an <code>AddHandler</code> directive:</p>
-<example>
+<highlight language="config">
AddHandler lua-script .lua
-</example>
+</highlight>
<p>
This will cause <code>mod_lua</code> to handle requests for files
be careful writing your regular expressions to avoid security
issues.</p>
<example><title>Examples:</title>
+ <highlight language="config">
LuaMapHandler /(\w+)/(/w+) /scripts/$1.lua handle_$2
+ </highlight>
</example>
<p>This would match uri's such as /photos/show?id=9
to the file /scripts/photos.lua and invoke the
handler function handle_show on the lua vm after
loading that file.</p>
-<example>
+<highlight language="config">
LuaMapHandler /bingo /scripts/wombat.lua
-</example>
+</highlight>
<p>This would invoke the "handle" function, which
is the default if no specific function name is
provided.</p>
lua vms.</p>
<example><title>Examples:</title>
- LuaPackagePath /scripts/lib/?.lua<br />
- LuaPackagePath /scripts/lib/?/init.lua
+ <highlight language="config">
+LuaPackagePath /scripts/lib/?.lua
+LuaPackagePath /scripts/lib/?/init.lua
+ </highlight>
</example>
</usage>
</directivesynopsis>
for development.</p>
<example><title>Examples:</title>
- LuaCodeCache stat<br />
- LuaCodeCache forever<br />
- LuaCodeCache never<br />
+ <highlight language="config">
+LuaCodeCache stat
+LuaCodeCache forever
+LuaCodeCache never
+ </highlight>
</example>
</usage>
<p>Example:</p>
-<example><pre>
+<highlight language="config">
# httpd.conf
LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper
-</pre></example>
+</highlight>
<highlight language="lua">
-- /scripts/conf/hooks.lua --
projects / apache / commitdiff