file to authenticate the user on each request. Apache also has
the ability to store user information in fast database files.
The <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code> module provides the <code class="directive"><a href="../mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> directive. These
- files can be created and manipulated with the <code class="program"><a href="../programs/dbmmanage.html">dbmmanage</a></code> program. Many
+ files can be created and manipulated with the <code class="program"><a href="../programs/dbmmanage.html">dbmmanage</a></code> and <code class="program"><a href="../programs/htdbm.html">htdbm</a></code> programs. Many
other types of authentication options are available from third
party modules in the <a href="http://modules.apache.org/">Apache Modules
Database</a>.</p>
you can choose <code>dbm</code> or <code>dbd</code> as your storage
format.</p>
- <p>To select a dbd file rather than a text file, for example:</p>
+ <p>To select a dbm file rather than a text file, for example:</p>
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider dbm
AuthDBMUserFile /www/passwords/passwd.dbm
Require valid-user
-</span>
</Directory>
</pre>
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /usr/local/apache/passwd/passwords
AuthLDAPURL ldap://ldaphost/o=yourorg
Require valid-user
-</span>
</Directory>
</pre>
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName
Require ldap-group cn=mygroup,o=yourorg
-</span>
</Directory>
</pre>
<a href="../ko/howto/auth.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/howto/auth.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<p>L'authentification est un processus qui vous permet de vérifier
qu'une personne est bien celle qu'elle prétend être. L'autorisation
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider dbm
AuthDBMUserFile /www/passwords/passwd.dbm
Require valid-user
-</span>
</Directory>
</pre>
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /usr/local/apache/passwd/passwords
AuthLDAPURL ldap://ldaphost/o=yourorg
Require valid-user
-</span>
</Directory>
</pre>
<pre class="prettyprint lang-config">
<Directory /www/docs/private>
-<span class="indent">
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName
Require ldap-group cn=mygroup,o=yourorg
-</span>
</Directory>
</pre>
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1410676 -->
+<!-- English Revision: 1410676:1420151 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviwed by : Vincent Deffontaines -->
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 479777:1410676 (outdated) -->
+<!-- English Revision: 479777:1420151 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<?xml version='1.0' encoding='EUC-KR' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:1410676 (outdated) -->
+<!-- English Revision: 105989:1420151 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
<variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
<variant outdated="yes">tr</variant>
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.tr.xsl"?>
-<!-- English Revision: 1070891:1410676 (outdated) -->
+<!-- English Revision: 1070891:1420151 (outdated) -->
<!-- =====================================================
Translated by: Umut Samuk <umut belgeler.org>
Reviewed by: Nilgün Belma Bugüner <nilgun belgeler.org>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<li><a href="mod_ssl.html#sslsessioncache">SSLSessionCache</a></li>
<li><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache</a></li>
<li><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#using">Utilisation de l'authentification à base de
condensés</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#msie">Travailler avec MS Internet Explorer</a></li>
</ul><h3>Voir aussi</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
<div class="note"><h3>Note</h3>
<p>L'authentification à base de condensés MD5 est plus sécurisée que
l'authentification Basic, mais ne fonctionne qu'avec les navigateurs
- qui la supportent. En septembre 2004, les principaux navigateurs
- supportant l'authentification à base de condensés MD5 incluaient <a href="http://www.w3.org/Amaya/">Amaya</a>, <a href="http://konqueror.kde.org/">Konqueror</a>, <a href="http://www.microsoft.com/windows/ie/">MS Internet Explorer</a>
- pour Mac OS X et Windows (bien que la version Windows échoue lorsque
- la requête comporte une chaîne d'arguments -- voir plus loin "<a href="#msie">Travailler avec MS Internet Explorer</a>" pour
- contourner ce problème), <a href="http://www.mozilla.org">Mozilla</a>,
- Netscape 7, <a href="http://www.opera.com/">Opera</a>, et <a href="http://www.apple.com/safari/">Safari</a>. <a href="http://lynx.isc.org/">lynx</a> ne supporte
- <strong>pas</strong> l'authentification à base de condensés MD5.
- Comme l'authentification à base de condensés MD5 est moins répandue
- que l'authentification Basic, vous ne devez l'utiliser que dans des
- environnements où tous les utilisateurs disposeront d'un navigateur
- la supportant.</p>
+ qui la supportent. Au moment où ces lignes sont écrites (Décembre
+ 2012), c'est le cas des principaux navigateurs.</p>
<p><code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> ne fonctionne correctement que
sur les plates-formes où APR supporte la mémoire partagée.</p>
</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="msie" id="msie">Travailler avec MS Internet Explorer</a></h2>
- <p>L'implémentation de l'authentification à base de condensé dans
- les versions précédentes d'Internet Explorer pour Windows (5 et 6)
- posait problème, car les requêtes de type <code>GET</code>
- comportant une chaîne d'arguments (query string) ne respectaient pas les RFC. Il y
- a plusieurs manières de contourner ce problème.</p>
-
- <p>
- La première méthode consiste à utiliser des requêtes de type
- <code>POST</code> plutôt que <code>GET</code> pour transmettre les
- données à votre programme. Cette méthode constitue l'approche la
- plus simple dans le cas où votre application peut fonctionner avec
- cette limitation.
- </p>
-
- <p>Depuis la version 2.0.51, Apache propose aussi de contourner le
- problème à l'aide de la variable d'environnement
- <code>AuthDigestEnableQueryStringHack</code>. Si
- <code>AuthDigestEnableQueryStringHack</code> est définie pour la
- requête, Apache va prendre des mesures pour contourner la bogue MSIE
- et en particulier va exclure la chaîne d'arguments de la comparaison
- des condensés. L'utilisation de cette méthode peut se traduire par
- ceci :</p>
-
- <div class="example"><h3>Utilisation de l'authentification à base de condensé
- avec MSIE :</h3><pre class="prettyprint lang-config">
- BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
- </pre>
-</div>
-
- <p>Cette correction n'est pas nécessaire avec MSIE 7, bien que son
- activation ne pose pas de problème de compatibilité ou de surcharge
- significative.</p>
-
- <p>Voir la directive <code class="directive"><a href="../mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code> pour plus de détails
- à propos de la définition conditionnelle des variables
- d'environnement.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive
- specifies the URL to redirect to should the user not be authorised to view a page. By default,
- if a user is not authorised to view a page, the HTTP response code <code>HTTP_UNAUTHORIZED</code>
- will be returned with the page specified by the
+ specifies the URL to redirect to should the user not be authorised to view a page. The value
+ is parsed using the <a href="../expr.html">ap_expr</a> parser before being sent to the client.
+ By default, if a user is not authorised to view a page, the HTTP response code
+ <code>HTTP_UNAUTHORIZED</code> will be returned with the page specified by the
<code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> directive. This directive overrides this
default.</p>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code> directive
- specifies the URL to redirect to should the user have logged in successfully. This directive
- can be overridden if a form field has been defined containing another URL using the
- <code class="directive"><a href="#authformlocation">AuthFormLocation</a></code> directive.</p>
+ specifies the URL to redirect to should the user have logged in successfully. The value is
+ parsed using the <a href="../expr.html">ap_expr</a> parser before being sent to the client.
+ This directive can be overridden if a form field has been defined containing another URL
+ using the <code class="directive"><a href="#authformlocation">AuthFormLocation</a></code> directive.</p>
<p>Use this directive if you have a dedicated login URL, and you have not embedded the
destination page in the login form.</p>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
+parser hass been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformlogoutlocation">AuthFormLogoutLocation</a></code> directive
- specifies the URL of a page on the server to redirect to should the user attempt to log out.</p>
+ specifies the URL of a page on the server to redirect to should the user attempt to log
+ out. The value is parsed using the <a href="../expr.html">ap_expr</a> parser before
+ being sent to the client.</p>
<p>When a URI is accessed that is served by the handler <code>form-logout-handler</code>,
the page specified by this directive will be shown to the end user. For example:</p>
literally if it has any arguments before or after it, even if they are "disabled"
as well.</p>
- <p><strong>Note:</strong> Multiple <code class="directive">DirectoryIndex</code>
- directives within the <a href="../sections.html"><em>same context</em></a> will add
+ <p><strong>Note:</strong> Multiple <code class="directive">DirectoryIndex</code>
+ directives within the <a href="../sections.html"><em>same context</em></a> will add
to the list of resources to look for rather than replace:
</p>
<pre class="prettyprint lang-config">
<code>index.html</code> file. <strong>But a request without trailing slash
would list the directory contents</strong>.</p>
</div>
- <p>Also note that some browsers may erroneously change POST requests into GET
+ <p>Also note that some browsers may erroneously change POST requests into GET
(thus discarding POST data) when a redirect is issued.</p>
</div>
<div class="directive-section"><h2><a name="FallbackResource" id="FallbackResource">FallbackResource</a> <a name="fallbackresource" id="fallbackresource">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a default URL for requests that don't map to a file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>FallbackResource <var>local-url</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>FallbackResource disabled | <var>local-url</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>None - httpd will return 404 (Not Found)</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dir</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The <code>disabled</code> argument is available in version 2.4.4 and
+later</td></tr>
</table>
<p>Use this to set a handler for any URL that doesn't map to anything
in your filesystem, and would otherwise return HTTP 404 (Not Found).
<p>Existing files, such as images, css files, and so on, will be
served normally.</p>
+ <p>Use the <code>disabled</code> argument to disable that feature
+ if inheritance from a parent directory is not desired.</p>
<p>In a sub-URI, such as <em>http://example.com/blog/</em> this
<em>sub-URI</em> has to be supplied as <var>local-url</var>:</p>
<pre class="prettyprint lang-config">
<Directory /web/example.com/htdocs/blog>
FallbackResource /blog/index.php
+</Directory>
+<Directory /web/example.com/htdocs/blog/images>
+ FallbackResource disabled
</Directory>
</pre>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Définit une URL par défaut pour les requêtes qui ne ciblent
aucun fichier</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>FallbackResource <var>url-locale</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>FallbackResource disabled <var>url-locale</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Défaut:</a></th><td><code>Aucune - httpd renvoie un code d'erreur 404 (Not Found)</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel, répertoire, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>Indexes</td></tr>
<tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dir</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibilité:</a></th><td>L'argument <code>disabled</code> est disponible à partir
+de la version 2.4.4 du serveur HTTP Apache.</td></tr>
</table>
<p>Cette directive permet de définir un traitement pour toute URL
qui ne correspond à aucune ressource de votre système de fichiers,
<p>Les fichiers existants comme des images, des fichiers css, etc...
seront traités normalement.</p>
+ <p>L'argument <code>disabled</code> permet de désactiver cette
+ fonctionnalité dans le cas où l'héritage d'un répertoire parent
+ n'est pas souhaité.</p>
<p>Pour un URI intermédiaire tel que
<em>http://example.com/blog/</em>, cet URI intermédiaire doit être
spécifié en tant que <var>url-locale</var> :</p>
<pre class="prettyprint lang-config">
<Directory /web/example.com/htdocs/blog>
FallbackResource /blog/index.php
+</Directory>
+<Directory /web/example.com/htdocs/blog/images>
+ FallbackResource disabled
</Directory>
</pre>
headers are sent on the wire. This is a measure of the duration
of the request. The value is preceded by <code>D=</code>.
The value is measured in microseconds.</td></tr>
-<tr class="odd"><td><code>%{VARNAME}e</code></td>
+<tr class="odd"><td><code>%l</code></td>
+ <td>The current load averages of the actual server itself. It is
+ designed to expose the values obtained by <code>getloadavg()</code>
+ and this represents the current load average, the 5 minute average, and
+ the 15 minute average. The value is preceded by <code>l=</code> with each
+ average separated by <code>/</code>.
+ </td></tr>
+<tr><td><code>%i</code></td>
+ <td>The current idle percentage of httpd (0 to 100) based on available
+ processes and threads. The value is preceded by <code>i=</code>.
+ </td></tr>
+<tr class="odd"><td><code>%b</code></td>
+ <td>The current busy percentage of httpd (0 to 100) based on available
+ processes and threads. The value is preceded by <code>b=</code>.
+ </td></tr>
+<tr><td><code>%{VARNAME}e</code></td>
<td>The contents of the <a href="../env.html">environment
variable</a> <code>VARNAME</code>.</td></tr>
-<tr><td><code>%{VARNAME}s</code></td>
+<tr class="odd"><td><code>%{VARNAME}s</code></td>
<td>The contents of the <a href="mod_ssl.html#envvars">SSL environment
variable</a> <code>VARNAME</code>, if <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is enabled.</td></tr>
</table>
<a href="../ja/mod/mod_headers.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../ko/mod/mod_headers.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Personnalisation des en-têtes de requêtes et de réponses
HTTP</td></tr>
<tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr>
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1371911 -->
+<!-- English Revision: 1371911:1418937 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 151408:1371911 (outdated) -->
+<!-- English Revision: 151408:1418937 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<?xml version="1.0" encoding="EUC-KR" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 151408:1371911 (outdated) -->
+<!-- English Revision: 151408:1418937 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
<variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
</variants>
and url encoded id (like servlet containers) use | to to separate them.
The first part is for the cookie the second for the path.
</td></tr>
+ <tr><td>stickysessionsep</td>
+ <td>"."</td>
+ <td>Sets the separation symbol in the session cookie. Some backend application servers
+ do not use the '.' as the symbol. For example the Oracle Weblogic server uses
+ '!'. The correct symbol can be set using this option. The setting of 'Off'
+ signifies that no symbol is used.
+ </td></tr>
<tr><td>scolonpathdelim</td>
<td>Off</td>
<td>If set to <code>On</code> the semi-colon character ';' will be
conteneurs de servlet), séparez-les par le caractère '|'. La
première partie contient le cookie et la seconde le chemin.
</td></tr>
+ <tr><td>stickysessionsep</td>
+ <td>"."</td>
+ <td>Définit le caractère de séparation dans le cookie de
+ session. Certains serveurs d'application d'arrière-plan
+ n'utilisent pas le caractère '.' comme séparateur. Par exemple
+ le serveur Oracle Weblogic utilise le caractère '!'. Cette
+ option permet d'attribuer au caractère de séparation la valeur
+ appropriée. Si elle est définie à 'Off', aucun caractère de
+ séparation n'est utilisé.
+ </td></tr>
<tr><td>scolonpathdelim</td>
<td>Off</td>
<td>Si ce paramètre est défini à <code>On</code>, le caractère
</div>
</dd>
+ <dt><code>MergeBase</code></dt>
+ <dd>
+
+ <p>With this option, the value of <code class="directive"><a href="#rewritebase">RewriteBase</a></code> is copied from where it's explicitly defined
+ into any sub-directory or sub-location that doesn't define its own
+ <code class="directive"><a href="#rewritebase">RewriteBase</a></code>. This was the
+ default behavior in 2.4.0 thorugh 2.4.3, and the flag to restore it is
+ available Apache HTTP Server 2.4.4 and later.</p>
+ </dd>
</dl>
<p><span>Langues Disponibles: </span><a href="../en/mod/mod_rewrite.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/mod/mod_rewrite.html" title="Français"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Ce module fournit un moteur de réécriture à base de
règles permettant de réécrire les URLs des requêtes
à la volée</td></tr>
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision : 1403486 -->
+<!-- English Revision: 1403486:1418954 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
</variants>
</metafile>
<li><img alt="" src="../images/down.gif" /> <a href="#sslsessioncache">SSLSessionCache</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#sslsessioncachetimeout">SSLSessionCacheTimeout</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#sslsessionticketkeyfile">SSLSessionTicketKeyFile</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sslsrpunknownuserseed">SSLSRPUnknownUserSeed</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sslsrpverifierfile">SSLSRPVerifierFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#sslstaplingcache">SSLStaplingCache</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#sslstaplingfaketrylater">SSLStaplingFakeTryLater</a></li>
<tr><td><code>SSL_SERVER_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of server's certificate</td></tr>
<tr><td><code>SSL_SERVER_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of server's certificate</td></tr>
<tr><td><code>SSL_SERVER_CERT</code></td> <td>string</td> <td>PEM-encoded server certificate</td></tr>
+<tr><td><code>SSL_SRP_USER</code></td> <td>string</td> <td>SRP username</td></tr>
+<tr><td><code>SSL_SRP_USERINFO</code></td> <td>string</td> <td>SRP user info</td></tr>
</table>
<p><em>x509</em> specifies a component of an X.509 DN; one of
<tr><td><code>kDHr</code></td> <td>Diffie-Hellman key exchange with RSA key</td></tr>
<tr><td><code>kDHd</code></td> <td>Diffie-Hellman key exchange with DSA key</td></tr>
<tr><td><code>kEDH</code></td> <td>Ephemeral (temp.key) Diffie-Hellman key exchange (no cert)</td> </tr>
+<tr><td><code>kSRP</code></td> <td>Secure Remote Password (SRP) key exchange</td></tr>
<tr><td colspan="2"><em>Authentication Algorithm:</em></td></tr>
<tr><td><code>aNULL</code></td> <td>No authentication</td></tr>
<tr><td><code>aRSA</code></td> <td>RSA authentication</td></tr>
<tr><td><code>ECDH</code></td> <td>Elliptic Curve Diffie-Hellman key exchange</td> </tr>
<tr><td><code>ADH</code></td> <td>all ciphers using Anonymous Diffie-Hellman key exchange</td> </tr>
<tr><td><code>AECDH</code></td> <td>all ciphers using Anonymous Elliptic Curve Diffie-Hellman key exchange</td> </tr>
+<tr><td><code>SRP</code></td> <td>all ciphers using Secure Remote Password (SRP) key exchange</td> </tr>
<tr><td><code>DSS</code></td> <td>all ciphers using DSS authentication</td> </tr>
<tr><td><code>ECDSA</code></td> <td>all ciphers using ECDSA authentication</td> </tr>
<tr><td><code>aNULL</code></td> <td>all ciphers using no authentication</td> </tr>
<code class="directive"><a href="#sslcertificatekeyfile">SSLCertificateKeyFile</a></code>.</p>
</div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSLSRPUnknownUserSeed" id="SSLSRPUnknownUserSeed">SSLSRPUnknownUserSeed</a> <a name="sslsrpunknownuserseed" id="sslsrpunknownuserseed">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SRP unknown user seed</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSLSRPUnknownUserSeed <em>secret-string</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.4.4 and later, if using OpenSSL 1.0.1 or
+later</td></tr>
+</table>
+<p>
+This directive sets the seed used to fake SRP user parameters for unknown
+users, to avoid leaking whether a given user exists. Specify a secret
+string. If this directive is not used, then Apache will return the
+UNKNOWN_PSK_IDENTITY alert to clients who specify an unknown username.
+</p>
+<div class="example"><h3>Example</h3><p><code>
+SSLSRPUnknownUserSeed "secret"
+</code></p></div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSLSRPVerifierFile" id="SSLSRPVerifierFile">SSLSRPVerifierFile</a> <a name="sslsrpverifierfile" id="sslsrpverifierfile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Path to SRP verifier file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSLSRPVerifierFile <em>file-path</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.4.4 and later, if using OpenSSL 1.0.1 or
+later</td></tr>
+</table>
+<p>
+This directive enables TLS-SRP and sets the path to the OpenSSL SRP (Secure
+Remote Password) verifier file containing TLS-SRP usernames, verifiers, salts,
+and group parameters.</p>
+<div class="example"><h3>Example</h3><p><code>
+SSLSRPVerifierFile "/path/to/file.srpv"
+</code></p></div>
+<p>
+The verifier file can be created with the <code>openssl</code> command line
+utility:</p>
+<div class="example"><h3>Creating the SRP verifier file</h3><p><code>
+openssl srp -srpvfile passwd.srpv -userinfo "some info" -add username
+</code></p></div>
+<p> The value given with the optional <code>-userinfo</code> parameter is
+avalable in the <code>SSL_SRP_USERINFO</code> request environment variable.</p>
+
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="SSLStaplingCache" id="SSLStaplingCache">SSLStaplingCache</a> <a name="sslstaplingcache" id="sslstaplingcache">Directive</a></h2>
request</td></tr>
<tr class="odd"><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an external filter</td></tr>
<tr><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
<tr><td><a href="core.html#fileetag">FileETag <var>Komponente</var> ...</a></td><td> INode MTime Size </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Dateiattribute, die zur Erstellung des HTTP-Response-Headers
ETag verwendet werden</td></tr>
<tr class="odd"><td><a href="core.html#files"><Files <var>Dateiname</var>> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enthält Direktiven, die sich nur auf passende Dateinamen
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
request</td></tr>
<tr class="odd"><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an external filter</td></tr>
<tr><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
<tr><td><a href="core.html#fileetag">FileETag <var>component</var> ...</a></td><td> MTime Size </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">File attributes used to create the ETag
HTTP response header for static files</td></tr>
<tr class="odd"><td><a href="core.html#files"><Files <var>filename</var>> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply to matched
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
request</td></tr>
<tr class="odd"><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an external filter</td></tr>
<tr><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
<tr><td><a href="core.html#fileetag">FileETag <var>component</var> ...</a></td><td> INode MTime Size </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">File attributes used to create the ETag
HTTP response header for static files</td></tr>
<tr class="odd"><td><a href="core.html#files"><Files <var>filename</var>> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply to matched
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sk</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sk</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
request</td></tr>
<tr class="odd"><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an external filter</td></tr>
<tr><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
<tr><td><a href="core.html#fileetag">FileETag <var>component</var> ...</a></td><td> MTime Size </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">File attributes used to create the ETag
HTTP response header for static files</td></tr>
<tr class="odd"><td><a href="core.html#files"><Files <var>filename</var>> ... </Files></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply to matched
<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
in the Session Cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
or otherwise.</p>
+<h3><a name="srp" id="srp">How do I enable TLS-SRP?</a></h3>
+ <p>TLS-SRP (Secure Remote Password key exchange for TLS, specified in RFC 5054)
+ can supplement or replace certificates in authenticating an SSL connection.
+ To use TLS-SRP, set the
+ <code class="directive"><a href="../mod/mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile</a></code> directive to
+ point to an OpenSSL SRP verifier file. To create the verifier file, use the
+ <code>openssl</code> tool:</p>
+ <div class="example"><p><code>
+ openssl srp -srpvfile passwd.srpv -add username
+ </code></p></div>
+ <p>After creating this file, specify it in the SSL server configuration:</p>
+ <div class="example"><p><code>
+ SSLSRPVerifierFile /path/to/passwd.srpv
+ </code></p></div>
+ <p>To force clients to use non-certificate TLS-SRP cipher suites, use the
+ following directive:</p>
+ <div class="example"><p><code>
+ SSLCipherSuite "!DSS:!aRSA:SRP"
+ </code></p></div>
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="support" id="support">mod_ssl Support</a></h2>
<p><span>Langues Disponibles: </span><a href="../en/ssl/ssl_faq.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/ssl/ssl_faq.html" title="Français"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<blockquote>
<p>Le sage n'apporte pas de bonnes réponses, il pose les bonnes questions</p>
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English revision : 1364336 -->
+<!-- English Revision: 1364336:1420057 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
</variants>
</metafile>
projects / apache / commitdiff