--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_auth_basic - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_auth_basic</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>Basic authentication</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>auth_basic_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_auth_basic.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3>
+
+ <p>This module allows the use of HTTP Basic Authentication to
+ restrict access by looking up users in the given providers.
+ HTTP Digest Authentication is provided by
+ <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>.</p>
+
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authbasicauthoritative">AuthBasicAuthoritative</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authbasicprovider">AuthBasicProvider</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization and authentication are
+passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthBasicAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthBasicAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_auth_basic</td></tr></table>
+ <p>Setting the <code class="directive">AuthBasicAuthoritative</code> directive
+ explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> files) if there is <strong>no
+ userID</strong> or <strong>rule</strong> matching the supplied
+ userID. If there is a userID and/or rule specified; the usual
+ password and access checks will be applied and a failure will give
+ an Authorization Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the AuthAuthoritative setting.</p>
+
+ <p>By default; control is not passed on; and an unknown userID or
+ rule will result in an Authorization Required reply. Not setting
+ it thus keeps the system secure; and forces an NCSA compliant
+ behaviour.</p>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthBasicProvider" id="AuthBasicProvider">AuthBasicProvider</a> <a name="authbasicprovider" id="authbasicprovider">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the authentication provider(s) for this location</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthBasicProvider <em>provider-name</em></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, location, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_auth_basic</td></tr></table>
+ <p>The <code class="directive">AuthBasicProvider</code> directive sets
+ which provider is used to authenticate the users for this location.</p>
+
+ <p>See <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>
+ for providers.</p>
+
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_auth_basic</name>
+<description>Basic authentication</description>
+<status>Base</status>
+<sourcefile>mod_auth_basic.c</sourcefile>
+<identifier>auth_basic_module</identifier>
+<compatibility>Available in Apache 2.0.42 and later</compatibility>
+
+<summary>
+
+ <p>This module allows the use of HTTP Basic Authentication to
+ restrict access by looking up users in the given providers.
+ HTTP Digest Authentication is provided by
+ <module>mod_auth_digest</module>.</p>
+
+</summary>
+<seealso><directive module="core">AuthName</directive></seealso>
+<seealso><directive module="core">AuthType</directive></seealso>
+
+<directivesynopsis>
+<name>AuthBasicProvider</name>
+<description>Sets the authentication provider(s) for this location</description>
+<syntax>AuthBasicProvider <em>provider-name</em></syntax>
+<contextlist>
+ <context>directory</context>
+ <context>location</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>The <directive>AuthBasicProvider</directive> directive sets
+ which provider is used to authenticate the users for this location.</p>
+
+ <p>See <module>mod_authn_dbm</module>, <module>mod_authn_file</module>
+ for providers.</p>
+
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthBasicAuthoritative</name>
+<description>Sets whether authorization and authentication are
+passed to lower level modules</description>
+<syntax>AuthBasicAuthoritative on|off</syntax>
+<default>AuthBasicAuthoritative on</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>Setting the <directive>AuthBasicAuthoritative</directive> directive
+ explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> files) if there is <strong>no
+ userID</strong> or <strong>rule</strong> matching the supplied
+ userID. If there is a userID and/or rule specified; the usual
+ password and access checks will be applied and a failure will give
+ an Authorization Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <directive module="core">Require</directive>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the AuthAuthoritative setting.</p>
+
+ <p>By default; control is not passed on; and an unknown userID or
+ rule will result in an Authorization Required reply. Not setting
+ it thus keeps the system secure; and forces an NCSA compliant
+ behaviour.</p>
+
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authn_dbm - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_dbm</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>User authentication using DBM files</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authn_dbm_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authn_dbm.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3>
+ <p>This module provides authentication front-ends such as
+ <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
+ to authenticate users by looking up users in plain text password files.
+ Similar functionality is provided by <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p>
+
+ <p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
+ <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
+ <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
+ <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
+ with the 'dbm' value.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdbmauthoritative">AuthDBMAuthoritative</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authdbmtype">AuthDBMType</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authdbmuserfile">AuthDBMUserFile</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
+ <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
+</li><li>
+ <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
+</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMAuthoritative" id="AuthDBMAuthoritative">AuthDBMAuthoritative</a> <a name="authdbmauthoritative" id="authdbmauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authentication and authorization will be
+passwed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthDBMAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthDBMAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_dbm</td></tr></table>
+
+ <p>Setting the <code class="directive">AuthDBMAuthoritative</code>
+ directive explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> file if there is <strong>no userID</strong>
+ or <strong>rule</strong> matching the supplied userID. If there is
+ a userID and/or rule specified; the usual password and access
+ checks will be applied and a failure will give an Authorization
+ Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <code class="directive">AuthAuthoritative</code> setting.</p>
+
+ <p>A common use for this is in conjunction with one of the
+ auth providers; such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this
+ DBM module supplies the bulk of the user credential checking; a
+ few (administrator) related accesses fall through to a lower
+ level with a well protected .htpasswd file.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMType" id="AuthDBMType">AuthDBMType</a> <a name="authdbmtype" id="authdbmtype">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the type of database file that is used to
+store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthDBMType default|SDBM|GDBM|NDBM|DB</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthDBMType default</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in version 2.0.30 and later.</td></tr></table>
+
+<p>Sets the type of database file that is used to store the passwords.
+The default database type is determined at compile time. The
+availability of other types of database files also depends on
+<a href="../install.html#dbm">compile-time settings</a>.</p>
+
+<p>It is crucial that whatever program you use to create your password
+files is configured to use the same type of database.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMUserFile" id="AuthDBMUserFile">AuthDBMUserFile</a> <a name="authdbmuserfile" id="authdbmuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the name of a database file containing the list of users and
+passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthDBMUserFile <em>file-path</em></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_dbm</td></tr></table>
+ <p>The <code class="directive">AuthDBMUserFile</code> directive sets the
+ name of a DBM file containing the list of users and passwords for
+ user authentication. <em>File-path</em> is the absolute path to
+ the user file.</p>
+
+ <p>The user file is keyed on the username. The value for a user is
+ the <code>crypt()</code> encrypted password, optionally followed
+ by a colon and arbitrary data. The colon and the data following it
+ will be ignored by the server.</p>
+
+ <p>Security: make sure that the
+ <code class="directive">AuthDBMUserFile</code> is stored outside the
+ document tree of the web-server; do <em>not</em> put it in the
+ directory that it protects. Otherwise, clients will be able to
+ download the <code class="directive">AuthDBMUserFile</code>.</p>
+
+ <p>Important compatibility note: The implementation of
+ "dbmopen" in the apache modules reads the string length of the
+ hashed values from the DBM data structures, rather than relying
+ upon the string being NULL-appended. Some applications, such as
+ the Netscape web server, rely upon the string being
+ NULL-appended, so if you are having trouble using DBM files
+ interchangeably between applications this may be a part of the
+ problem.</p>
+
+ <p>A perl script called
+ <a href="../programs/dbmmanage.html">dbmmanage</a> is included with
+ Apache. This program can be used to create and update DBM
+ format password files for use with this module.</p>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_authn_dbm</name>
+<description>User authentication using DBM files</description>
+<status>Extension</status>
+<sourcefile>mod_authn_dbm.c</sourcefile>
+<identifier>authn_dbm_module</identifier>
+<compatibility>Available in Apache 2.0.42 and later</compatibility>
+
+<summary>
+ <p>This module provides authentication front-ends such as
+ <module>mod_auth_digest</module> and <module>mod_auth_basic</module>
+ to authenticate users by looking up users in plain text password files.
+ Similar functionality is provided by <module>mod_authn_file</module>.</p>
+
+ <p>When using <module>mod_auth_basic</module> or
+ <module>mod_auth_digest</module>, this module is invoked via the
+ <directive module="mod_auth_basic">AuthBasicProvider</directive> or
+ <directive module="mod_auth_digest">AuthDigestProvider</directive>
+ with the 'dbm' value.</p>
+</summary>
+
+<seealso><directive module="core">AuthName</directive></seealso>
+<seealso><directive module="core">AuthType</directive></seealso>
+<seealso>
+ <directive module="mod_auth_basic">AuthBasicProvider</directive>
+</seealso>
+<seealso>
+ <directive module="mod_auth_digest">AuthDigestProvider</directive>
+</seealso>
+
+<directivesynopsis>
+<name>AuthDBMUserFile</name>
+<description>Sets the name of a database file containing the list of users and
+passwords for authentication</description>
+<syntax>AuthDBMUserFile <em>file-path</em></syntax>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>The <directive>AuthDBMUserFile</directive> directive sets the
+ name of a DBM file containing the list of users and passwords for
+ user authentication. <em>File-path</em> is the absolute path to
+ the user file.</p>
+
+ <p>The user file is keyed on the username. The value for a user is
+ the <code>crypt()</code> encrypted password, optionally followed
+ by a colon and arbitrary data. The colon and the data following it
+ will be ignored by the server.</p>
+
+ <p>Security: make sure that the
+ <directive>AuthDBMUserFile</directive> is stored outside the
+ document tree of the web-server; do <em>not</em> put it in the
+ directory that it protects. Otherwise, clients will be able to
+ download the <directive>AuthDBMUserFile</directive>.</p>
+
+ <p>Important compatibility note: The implementation of
+ "dbmopen" in the apache modules reads the string length of the
+ hashed values from the DBM data structures, rather than relying
+ upon the string being NULL-appended. Some applications, such as
+ the Netscape web server, rely upon the string being
+ NULL-appended, so if you are having trouble using DBM files
+ interchangeably between applications this may be a part of the
+ problem.</p>
+
+ <p>A perl script called
+ <a href="../programs/dbmmanage.html">dbmmanage</a> is included with
+ Apache. This program can be used to create and update DBM
+ format password files for use with this module.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthDBMType</name>
+<description>Sets the type of database file that is used to
+store passwords</description>
+<syntax>AuthDBMType default|SDBM|GDBM|NDBM|DB</syntax>
+<default>AuthDBMType default</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+<compatibility>Available in version 2.0.30 and later.</compatibility>
+
+<usage>
+
+<p>Sets the type of database file that is used to store the passwords.
+The default database type is determined at compile time. The
+availability of other types of database files also depends on
+<a href="../install.html#dbm">compile-time settings</a>.</p>
+
+<p>It is crucial that whatever program you use to create your password
+files is configured to use the same type of database.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthDBMAuthoritative</name>
+<description>Sets whether authentication and authorization will be
+passwed on to lower level modules</description>
+<syntax>AuthDBMAuthoritative on|off</syntax>
+<default>AuthDBMAuthoritative on</default>
+<contextlist><context>directory</context><context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+
+ <p>Setting the <directive>AuthDBMAuthoritative</directive>
+ directive explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> file if there is <strong>no userID</strong>
+ or <strong>rule</strong> matching the supplied userID. If there is
+ a userID and/or rule specified; the usual password and access
+ checks will be applied and a failure will give an Authorization
+ Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <directive module="core">Require</directive>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <directive>AuthAuthoritative</directive> setting.</p>
+
+ <p>A common use for this is in conjunction with one of the
+ auth providers; such as <module>mod_authn_file</module>. Whereas this
+ DBM module supplies the bulk of the user credential checking; a
+ few (administrator) related accesses fall through to a lower
+ level with a well protected .htpasswd file.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authn_file - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authn_file</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>User authentication using text files</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authn_file_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authn_file.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3>
+
+ <p>This module provides authentication front-ends such as
+ <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>
+ to authenticate users by looking up users in plain text password files.
+ Similar functionality is provided by <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>.</p>
+
+ <p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
+ <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the
+ <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
+ <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
+ with the 'file' value.</p>
+
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authuserfile">AuthUserFile</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authuserfileauthoritative">AuthUserFileAuthoritative</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li><li>
+ <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
+</li><li>
+ <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
+</li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the name of a text file containing the list of users and
+passwords for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthUserFile <em>file-path</em></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_file</td></tr></table>
+ <p>The <code class="directive">AuthUserFile</code> directive sets the name
+ of a textual file containing the list of users and passwords for
+ user authentication. <em>File-path</em> is the path to the user
+ file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
+ with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+
+ <p>Each line of the user file contains a username followed by
+ a colon, followed by the <code>crypt()</code> encrypted
+ password. The behavior of multiple occurrences of the same user is
+ undefined.</p>
+
+ <p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
+ which is installed as part of the binary distribution, or which
+ can be found in <code>src/support</code>, is used to maintain
+ this password file. See the <code>man</code> page for more
+ details. In short:</p>
+
+ <p>Create a password file 'Filename' with 'username' as the
+ initial ID. It will prompt for the password:</p>
+ <div class="example"><p><code>htpasswd -c Filename username</code></p></div>
+
+ <p>Add or modify 'username2' in the password file 'Filename':</p>
+ <div class="example"><p><code>htpasswd Filename username2</code></p></div>
+
+ <p>Note that searching large text files is <em>very</em>
+ inefficient; <code class="directive"><a href="../mod/mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></code> should be used
+ instead.</p>
+
+ <div class="note"><h3>Security</h3>
+ <p>Make sure that the <code class="directive">AuthUserFile</code> is
+ stored outside the document tree of the web-server; do <em>not</em>
+ put it in the directory that it protects. Otherwise, clients will
+ be able to download the <code class="directive">AuthUserFile</code>.</p>
+ </div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthUserFileAuthoritative" id="AuthUserFileAuthoritative">AuthUserFileAuthoritative</a> <a name="authuserfileauthoritative" id="authuserfileauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization and authentication are
+passed to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthUserFileAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthUserFileAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Base</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authn_file</td></tr></table>
+ <div class="note">This information has not been updated for Apache 2.0, which
+ uses a different system for module ordering.</div>
+
+ <p>Setting the <code class="directive">AuthAuthoritative</code> directive
+ explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> files) if there is <strong>no
+ userID</strong> or <strong>rule</strong> matching the supplied
+ userID. If there is a userID and/or rule specified; the usual
+ password and access checks will be applied and a failure will give
+ an Authorization Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the AuthAuthoritative setting.</p>
+
+ <p>By default; control is not passed on; and an unknown userID or
+ rule will result in an Authorization Required reply. Not setting
+ it thus keeps the system secure; and forces an NCSA compliant
+ behaviour.</p>
+
+ <div class="note"><h3>Security</h3> Do consider the implications of
+ allowing a user to allow fall-through in his .htaccess file; and
+ verify that this is really what you want; Generally it is easier
+ to just secure a single .htpasswd file, than it is to secure a
+ database such as mSQL. Make sure that the <code class="directive"><a href="#authuserfile">AuthUserFile</a></code> and the <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code> are stored outside
+ the document tree of the web-server; do <em>not</em> put them in the
+ directory that they protect. Otherwise, clients will be able to
+ download the <code class="directive"><a href="#authuserfile">AuthUserFile</a></code>
+ and the <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code>.
+ </div>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_authn_file</name>
+<description>User authentication using text files</description>
+<status>Base</status>
+<sourcefile>mod_authn_file.c</sourcefile>
+<identifier>authn_file_module</identifier>
+<compatibility>Available in Apache 2.0.42 and later</compatibility>
+
+<summary>
+
+ <p>This module provides authentication front-ends such as
+ <module>mod_auth_digest</module> and <module>mod_auth_basic</module>
+ to authenticate users by looking up users in plain text password files.
+ Similar functionality is provided by <module>mod_authn_dbm</module>.</p>
+
+ <p>When using <module>mod_auth_basic</module> or
+ <module>mod_auth_digest</module>, this module is invoked via the
+ <directive module="mod_auth_basic">AuthBasicProvider</directive> or
+ <directive module="mod_auth_digest">AuthDigestProvider</directive>
+ with the 'file' value.</p>
+
+</summary>
+<seealso><directive module="core">AuthName</directive></seealso>
+<seealso><directive module="core">AuthType</directive></seealso>
+<seealso>
+ <directive module="mod_auth_basic">AuthBasicProvider</directive>
+</seealso>
+<seealso>
+ <directive module="mod_auth_digest">AuthDigestProvider</directive>
+</seealso>
+
+<directivesynopsis>
+<name>AuthUserFile</name>
+<description>Sets the name of a text file containing the list of users and
+passwords for authentication</description>
+<syntax>AuthUserFile <em>file-path</em></syntax>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>The <directive>AuthUserFile</directive> directive sets the name
+ of a textual file containing the list of users and passwords for
+ user authentication. <em>File-path</em> is the path to the user
+ file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
+ with a slash), it is treated as relative to the <directive
+ module="core">ServerRoot</directive>.</p>
+
+ <p>Each line of the user file contains a username followed by
+ a colon, followed by the <code>crypt()</code> encrypted
+ password. The behavior of multiple occurrences of the same user is
+ undefined.</p>
+
+ <p>The utility <a href="../programs/htpasswd.html">htpasswd</a>
+ which is installed as part of the binary distribution, or which
+ can be found in <code>src/support</code>, is used to maintain
+ this password file. See the <code>man</code> page for more
+ details. In short:</p>
+
+ <p>Create a password file 'Filename' with 'username' as the
+ initial ID. It will prompt for the password:</p>
+ <example>htpasswd -c Filename username</example>
+
+ <p>Add or modify 'username2' in the password file 'Filename':</p>
+ <example>htpasswd Filename username2</example>
+
+ <p>Note that searching large text files is <em>very</em>
+ inefficient; <directive
+ module="mod_authn_dbm">AuthDBMUserFile</directive> should be used
+ instead.</p>
+
+ <note><title>Security</title>
+ <p>Make sure that the <directive>AuthUserFile</directive> is
+ stored outside the document tree of the web-server; do <em>not</em>
+ put it in the directory that it protects. Otherwise, clients will
+ be able to download the <directive>AuthUserFile</directive>.</p>
+ </note>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthUserFileAuthoritative</name>
+<description>Sets whether authorization and authentication are
+passed to lower level modules</description>
+<syntax>AuthUserFileAuthoritative on|off</syntax>
+<default>AuthUserFileAuthoritative on</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <note>This information has not been updated for Apache 2.0, which
+ uses a different system for module ordering.</note>
+
+ <p>Setting the <directive>AuthAuthoritative</directive> directive
+ explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> files) if there is <strong>no
+ userID</strong> or <strong>rule</strong> matching the supplied
+ userID. If there is a userID and/or rule specified; the usual
+ password and access checks will be applied and a failure will give
+ an Authorization Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <directive module="core">Require</directive>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the AuthAuthoritative setting.</p>
+
+ <p>By default; control is not passed on; and an unknown userID or
+ rule will result in an Authorization Required reply. Not setting
+ it thus keeps the system secure; and forces an NCSA compliant
+ behaviour.</p>
+
+ <note><title>Security</title> Do consider the implications of
+ allowing a user to allow fall-through in his .htaccess file; and
+ verify that this is really what you want; Generally it is easier
+ to just secure a single .htpasswd file, than it is to secure a
+ database such as mSQL. Make sure that the <directive
+ module="mod_authn_file">AuthUserFile</directive> and the <directive
+ module="mod_authz_groupfile">AuthGroupFile</directive> are stored outside
+ the document tree of the web-server; do <em>not</em> put them in the
+ directory that they protect. Otherwise, clients will be able to
+ download the <directive module="mod_authn_file">AuthUserFile</directive>
+ and the <directive module="mod_authz_groupfile">AuthGroupFile</directive>.
+ </note>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authz_dbm - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_dbm</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>Group authorization using DBM files</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authz_dbm_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authz_dbm.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site by group membership. Similar functionality is
+ provided by <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authdbmgroupfile">AuthDBMGroupFile</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authzdbmauthoritative">AuthzDBMAuthoritative</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authzdbmtype">AuthzDBMType</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthDBMGroupFile" id="AuthDBMGroupFile">AuthDBMGroupFile</a> <a name="authdbmgroupfile" id="authdbmgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the name of the database file containing the list
+of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthDBMGroupFile <em>file-path</em></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_dbm</td></tr></table>
+ <p>The <code class="directive">AuthDBMGroupFile</code> directive sets the
+ name of a DBM file containing the list of user groups for user
+ authentication. <em>File-path</em> is the absolute path to the
+ group file.</p>
+
+ <p>The group file is keyed on the username. The value for a
+ user is a comma-separated list of the groups to which the users
+ belongs. There must be no whitespace within the value, and it
+ must never contain any colons.</p>
+
+ <p>Security: make sure that the
+ <code class="directive">AuthDBMGroupFile</code> is stored outside the
+ document tree of the web-server; do <em>not</em> put it in the
+ directory that it protects. Otherwise, clients will be able to
+ download the <code class="directive">AuthDBMGroupFile</code> unless
+ otherwise protected.</p>
+
+ <p>Combining Group and Password DBM files: In some cases it is
+ easier to manage a single database which contains both the
+ password and group details for each user. This simplifies any
+ support programs that need to be written: they now only have to
+ deal with writing to and locking a single DBM file. This can be
+ accomplished by first setting the group and password files to
+ point to the same DBM:</p>
+
+<div class="example"><p><code>
+AuthDBMGroupFile /www/userbase<br />
+AuthDBMUserFile /www/userbase
+</code></p></div>
+
+ <p>The key for the single DBM is the username. The value consists
+ of</p>
+
+<div class="example"><p><code>Unix Crypt-ed Password : List of Groups [ : (ignored)
+ ]</code></p></div>
+
+ <p>The password section contains the Unix <code>crypt()</code>
+ password as before. This is followed by a colon and the comma
+ separated list of groups. Other data may optionally be left in the
+ DBM file after another colon; it is ignored by the authentication
+ module. This is what www.telescope.org uses for its combined
+ password and group database.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMAuthoritative" id="AuthzDBMAuthoritative">AuthzDBMAuthoritative</a> <a name="authzdbmauthoritative" id="authzdbmauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthzDBMAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzDBMAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_dbm</td></tr></table>
+
+ <p>Setting the <code class="directive">AuthzDBMAuthoritative</code>
+ directive explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> file if there is <strong>no userID</strong>
+ or <strong>rule</strong> matching the supplied userID. If there is
+ a userID and/or rule specified; the usual password and access
+ checks will be applied and a failure will give an Authorization
+ Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <code class="directive">AuthAuthoritative</code> setting.</p>
+
+ <p>A common use for this is in conjunction with one of the
+ auth providers; such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Whereas this
+ DBM module supplies the bulk of the user credential checking; a
+ few (administrator) related accesses fall through to a lower
+ level with a well protected .htpasswd file.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzDBMType" id="AuthzDBMType">AuthzDBMType</a> <a name="authzdbmtype" id="authzdbmtype">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the type of database file that is used to
+store passwords</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthzDBMType default|SDBM|GDBM|NDBM|DB</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzDBMType default</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_dbm</td></tr><tr><th><a href="directive-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in version 2.0.30 and later.</td></tr></table>
+
+<p>Sets the type of database file that is used to store the passwords.
+The default database type is determined at compile time. The
+availability of other types of database files also depends on
+<a href="../install.html#dbm">compile-time settings</a>.</p>
+
+<p>It is crucial that whatever program you use to create your password
+files is configured to use the same type of database.</p>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_authz_dbm</name>
+<description>Group authorization using DBM files</description>
+<status>Extension</status>
+<sourcefile>mod_authz_dbm.c</sourcefile>
+<identifier>authz_dbm_module</identifier>
+<compatibility>Available in Apache 2.0.42 and later</compatibility>
+
+<summary>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site by group membership. Similar functionality is
+ provided by <module>mod_authz_groupfile</module>.</p>
+</summary>
+
+<seealso><directive module="core">Require</directive></seealso>
+<seealso><directive module="core">Satisfy</directive></seealso>
+
+<directivesynopsis>
+<name>AuthDBMGroupFile</name>
+<description>Sets the name of the database file containing the list
+of user groups for authentication</description>
+<syntax>AuthDBMGroupFile <em>file-path</em></syntax>
+<contextlist><context>directory</context><context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>The <directive>AuthDBMGroupFile</directive> directive sets the
+ name of a DBM file containing the list of user groups for user
+ authentication. <em>File-path</em> is the absolute path to the
+ group file.</p>
+
+ <p>The group file is keyed on the username. The value for a
+ user is a comma-separated list of the groups to which the users
+ belongs. There must be no whitespace within the value, and it
+ must never contain any colons.</p>
+
+ <p>Security: make sure that the
+ <directive>AuthDBMGroupFile</directive> is stored outside the
+ document tree of the web-server; do <em>not</em> put it in the
+ directory that it protects. Otherwise, clients will be able to
+ download the <directive>AuthDBMGroupFile</directive> unless
+ otherwise protected.</p>
+
+ <p>Combining Group and Password DBM files: In some cases it is
+ easier to manage a single database which contains both the
+ password and group details for each user. This simplifies any
+ support programs that need to be written: they now only have to
+ deal with writing to and locking a single DBM file. This can be
+ accomplished by first setting the group and password files to
+ point to the same DBM:</p>
+
+<example>
+AuthDBMGroupFile /www/userbase<br />
+AuthDBMUserFile /www/userbase
+</example>
+
+ <p>The key for the single DBM is the username. The value consists
+ of</p>
+
+<example>Unix Crypt-ed Password : List of Groups [ : (ignored)
+ ]</example>
+
+ <p>The password section contains the Unix <code>crypt()</code>
+ password as before. This is followed by a colon and the comma
+ separated list of groups. Other data may optionally be left in the
+ DBM file after another colon; it is ignored by the authentication
+ module. This is what www.telescope.org uses for its combined
+ password and group database.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthzDBMType</name>
+<description>Sets the type of database file that is used to
+store passwords</description>
+<syntax>AuthzDBMType default|SDBM|GDBM|NDBM|DB</syntax>
+<default>AuthzDBMType default</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+<compatibility>Available in version 2.0.30 and later.</compatibility>
+
+<usage>
+
+<p>Sets the type of database file that is used to store the passwords.
+The default database type is determined at compile time. The
+availability of other types of database files also depends on
+<a href="../install.html#dbm">compile-time settings</a>.</p>
+
+<p>It is crucial that whatever program you use to create your password
+files is configured to use the same type of database.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthzDBMAuthoritative</name>
+<description>Sets whether authorization will be passed on to lower level modules</description>
+<syntax>AuthzDBMAuthoritative on|off</syntax>
+<default>AuthzDBMAuthoritative on</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+
+ <p>Setting the <directive>AuthzDBMAuthoritative</directive>
+ directive explicitly to <strong>'off'</strong> allows for both
+ authentication and authorization to be passed on to lower level
+ modules (as defined in the <code>Configuration</code> and
+ <code>modules.c</code> file if there is <strong>no userID</strong>
+ or <strong>rule</strong> matching the supplied userID. If there is
+ a userID and/or rule specified; the usual password and access
+ checks will be applied and a failure will give an Authorization
+ Required reply.</p>
+
+ <p>So if a userID appears in the database of more than one module;
+ or if a valid <directive module="core">Require</directive>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <directive>AuthAuthoritative</directive> setting.</p>
+
+ <p>A common use for this is in conjunction with one of the
+ auth providers; such as <module>mod_authn_file</module>. Whereas this
+ DBM module supplies the bulk of the user credential checking; a
+ few (administrator) related accesses fall through to a lower
+ level with a well protected .htpasswd file.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ This file is generated from xml source: DO NOT EDIT
+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ --><title>mod_authz_groupfile - Apache HTTP Server</title><link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /><link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /><link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link href="../images/favicon.ico" rel="shortcut icon" /></head><body><div id="page-header"><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p><p class="apache">Apache HTTP Server Version 2.0</p><img alt="" src="../images/feather.gif" /></div><div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div><div id="path"><a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Modules</a></div><div id="page-content"><div id="preamble"><h1>Apache Module mod_authz_groupfile</h1><table class="module"><tr><th><a href="module-dict.html#Description">Description:
+ </a></th><td>Group authorization using plaintext files</td></tr><tr><th><a href="module-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:
+ </a></th><td>authz_groupfile_module</td></tr><tr><th><a href="module-dict.html#SourceFile">Source File:
+ </a></th><td>mod_authz_groupfile.c</td></tr><tr><th><a href="module-dict.html#Compatibility">Compatibility:
+ </a></th><td>Available in Apache 2.0.42 and later</td></tr></table><h3>Summary</h3>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site by group membership. Similar functionality is
+ provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
+</div><div id="quickview"><h3 class="directives">Directives</h3><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#authgroupfile">AuthGroupFile</a></li><li><img alt="" src="../images/down.gif" /> <a href="#authzgroupfileauthoritative">AuthzGroupFileAuthoritative</a></li></ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="../mod/core.html#require">Require</a></code></li><li><code class="directive"><a href="../mod/core.html#satisfy">Satisfy</a></code></li></ul></div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthGroupFile" id="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile" id="authgroupfile">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets the name of a text file containing the list
+of user groups for authentication</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthGroupFile <em>file-path</em></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_groupfile</td></tr></table>
+ <p>The <code class="directive">AuthGroupFile</code> directive sets the
+ name of a textual file containing the list of user groups for user
+ authentication. <em>File-path</em> is the path to the group
+ file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
+ with a slash), it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+
+ <p>Each line of the group file contains a groupname followed by a
+ colon, followed by the member usernames separated by spaces.
+ Example:</p>
+
+ <div class="example"><p><code>mygroup: bob joe anne</code></p></div>
+
+ <p>Note that searching large text files is <em>very</em>
+ inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> should be used
+ instead.</p>
+
+ <div class="note"><h3>Security</h3>
+ <p>Make sure that the <code class="directive">AuthGroupFile</code> is
+ stored outside the document tree of the web-server; do <em>not</em>
+ put it in the directory that it protects. Otherwise, clients will
+ be able to download the <code class="directive">AuthGroupFile</code>.</p>
+ </div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div><div class="directive-section"><h2><a name="AuthzGroupFileAuthoritative" id="AuthzGroupFileAuthoritative">AuthzGroupFileAuthoritative</a> <a name="authzgroupfileauthoritative" id="authzgroupfileauthoritative">Directive</a></h2><table class="directive"><tr><th><a href="directive-dict.html#Description">Description:
+ </a></th><td>Sets whether authorization will be passed on to lower level modules</td></tr><tr><th><a href="directive-dict.html#Syntax">Syntax:
+ </a></th><td>AuthzGroupFileAuthoritative on|off</td></tr><tr><th><a href="directive-dict.html#Default">Default:
+ </a></th><td><code>AuthzGroupFileAuthoritative on</code></td></tr><tr><th><a href="directive-dict.html#Context">Context:
+ </a></th><td>directory, .htaccess</td></tr><tr><th><a href="directive-dict.html#Override">Override:
+ </a></th><td>AuthConfig</td></tr><tr><th><a href="directive-dict.html#Status">Status:
+ </a></th><td>Extension</td></tr><tr><th><a href="directive-dict.html#Module">Module:
+ </a></th><td>mod_authz_groupfile</td></tr></table>
+
+ <p>Setting the <code class="directive">AuthzGroupFileAuthoritative</code>
+ directive explicitly to <strong>'off'</strong> allows for
+ authorization to be passed on to lower level modules (as defined in
+ the <code>Configuration</code> and <code>modules.c</code> file if
+ there is <strong>no userID</strong> or <strong>rule</strong> matching
+ the supplied userID. If there is a userID and/or rule specified; the
+ usual password and access checks will be applied and a failure will
+ give an Authorization Required reply.</p>
+
+ <p>So if a valid <code class="directive"><a href="../mod/core.html#require">Require</a></code>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <code class="directive">AuthzGroupFileAuthoritative</code>
+ setting.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</div></div><div id="footer"><p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p><p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div></body></html>
\ No newline at end of file
--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<modulesynopsis>
+
+<name>mod_authz_groupfile</name>
+<description>Group authorization using plaintext files</description>
+<status>Extension</status>
+<sourcefile>mod_authz_groupfile.c</sourcefile>
+<identifier>authz_groupfile_module</identifier>
+<compatibility>Available in Apache 2.0.42 and later</compatibility>
+
+<summary>
+ <p>This module provides authorization capabilities so that
+ authenticated users can be allowed or denied access to portions
+ of the web site by group membership. Similar functionality is
+ provided by <module>mod_authz_dbm</module>.</p>
+</summary>
+
+<seealso><directive module="core">Require</directive></seealso>
+<seealso><directive module="core">Satisfy</directive></seealso>
+
+<directivesynopsis>
+<name>AuthGroupFile</name>
+<description>Sets the name of a text file containing the list
+of user groups for authentication</description>
+<syntax>AuthGroupFile <em>file-path</em></syntax>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+ <p>The <directive>AuthGroupFile</directive> directive sets the
+ name of a textual file containing the list of user groups for user
+ authentication. <em>File-path</em> is the path to the group
+ file. If it is not absolute (<em>i.e.</em>, if it doesn't begin
+ with a slash), it is treated as relative to the <directive
+ module="core">ServerRoot</directive>.</p>
+
+ <p>Each line of the group file contains a groupname followed by a
+ colon, followed by the member usernames separated by spaces.
+ Example:</p>
+
+ <example>mygroup: bob joe anne</example>
+
+ <p>Note that searching large text files is <em>very</em>
+ inefficient; <directive
+ module="mod_authz_dbm">AuthDBMGroupFile</directive> should be used
+ instead.</p>
+
+ <note><title>Security</title>
+ <p>Make sure that the <directive>AuthGroupFile</directive> is
+ stored outside the document tree of the web-server; do <em>not</em>
+ put it in the directory that it protects. Otherwise, clients will
+ be able to download the <directive>AuthGroupFile</directive>.</p>
+ </note>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>AuthzGroupFileAuthoritative</name>
+<description>Sets whether authorization will be passed on to lower level modules</description>
+<syntax>AuthzGroupFileAuthoritative on|off</syntax>
+<default>AuthzGroupFileAuthoritative on</default>
+<contextlist>
+ <context>directory</context>
+ <context>.htaccess</context>
+</contextlist>
+<override>AuthConfig</override>
+
+<usage>
+
+ <p>Setting the <directive>AuthzGroupFileAuthoritative</directive>
+ directive explicitly to <strong>'off'</strong> allows for
+ authorization to be passed on to lower level modules (as defined in
+ the <code>Configuration</code> and <code>modules.c</code> file if
+ there is <strong>no userID</strong> or <strong>rule</strong> matching
+ the supplied userID. If there is a userID and/or rule specified; the
+ usual password and access checks will be applied and a failure will
+ give an Authorization Required reply.</p>
+
+ <p>So if a valid <directive module="core">Require</directive>
+ directive applies to more than one module; then the first module
+ will verify the credentials; and no access is passed on;
+ regardless of the <directive>AuthzGroupFileAuthoritative</directive>
+ setting.</p>
+
+ <p>By default, control is not passed on and an unknown userID
+ or rule will result in an Authorization Required reply. Not
+ setting it thus keeps the system secure and forces an NCSA
+ compliant behaviour.</p>
+
+ <p>Security: Do consider the implications of allowing a user to
+ allow fall-through in his .htaccess file; and verify that this
+ is really what you want; Generally it is easier to just secure
+ a single .htpasswd file, than it is to secure a database which
+ might have more access interfaces.</p>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
projects / apache / commitdiff