<li><code class="module"><a href="../mod/mod_authn_anon.html">mod_authn_anon</a></code></li>
<li><code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code></li>
<li><code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code></li>
- <li><code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code></li>
<li><code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code></li>
<li><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></li>
</ul>
<li><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></li>
<li><code class="module"><a href="../mod/mod_authz_dbd.html">mod_authz_dbd</a></code></li>
<li><code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code></li>
- <li><code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code></li>
<li><code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code></li>
<li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
<li><code class="module"><a href="../mod/mod_authz_owner.html">mod_authz_owner</a></code></li>
</Directory>
</code></p></div>
- <p>To take authorization a little further, the directives
- <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code> and
- <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyone>"><SatisfyOne></a></code> allow
- AND/OR logic to be applied so that the order in which authorization
- is handled can be completely controled through the configuration. See
- these directives for a complete example on they can be applied.</p>
+ <p>To take authorization a little further, authorization container
+ directives such as
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchall"><MatchAll></a></code> and
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchany"><MatchAny></a></code>
+ allow logic to be applied so that the order in which authorization
+ is handled can be completely controled through the configuration.
+ See <a href="../mod/mod_authz_core.html#logic">Authorization
+ Containers</a> for an example of they may be applied.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
than just a single check against a single data store. Ordering, logic
and choosing how authorization will be done is now possible.</p>
- <h3><a name="authandororder" id="authandororder">Applying AND/OR logic and ordering</a></h3>
+ <h3><a name="authandororder" id="authandororder">Applying logic and ordering</a></h3>
<p>Controling how and in what order authorization will be applied
- has been a bit of a mystery in the past. In Apache 2.2 a provider based
+ has been a bit of a mystery in the past. In Apache 2.2 a provider-based
authentication mechanism was introduced to decouple the actual
authentication process from authorization and supporting functionality.
One of the side benefits was that authentication providers could be
configured and called in a specific order which didn't depend on the
load order of the auth module itself. This same provider based mechanism
has been brought forward into authorization as well. What this means is
- that the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive
- not only specifies which authorization methods should be used, it also
+ that the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> and
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives
+ not only specify which authorization methods should be used, they also
specifies the order in which they are called. Multiple authorization
methods are called in the same order in which the
- <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directives appear
- in the configuration.</p>
-
- <p>With the introduction of the directives
- <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code> and
- <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyone>"><SatisfyOne></a></code>, the
- configuration also has control over when the
+ <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+ or <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives
+ appear in the configuration.</p>
+
+ <p>With the introduction of authorization container directives
+ such as
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchall"><MatchAll></a></code>
+ and
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchany"><MatchAny></a></code>,
+ the configuration also has control over when the
authorization methods are called and what criteria determines when
- access is granted. For example the following authorization block would
- apply the logic:</p>
-
- <div class="example"><p><code>
- # if ((user == "John") ||<br />
- # ((Group == "admins")<br />
- # && (ldap-group <ldap-object> contains auth'ed_user)<br />
- # && ((ldap-attribute dept == "sales")<br />
- # || (file-group contains auth'ed_user))))<br />
- # then<br />
- # auth_granted<br />
- # else<br />
- # auth_denied<br />
- #<br />
- <Directory /www/mydocs><br />
- <span class="indent">
- Authname ...<br />
- AuthBasicProvider ...<br />
- ...<br />
- Require user John<br />
- <SatisfyAll><br />
- <span class="indent">
- Require Group admins<br />
- Require ldap-group cn=mygroup,o=foo<br />
- <SatisfyOne><br />
- <span class="indent">
- Require ldap-attribute dept="sales"<br />
- Require file-group<br />
- </span>
- </SatisfyOne><br />
- </span>
- </SatisfyAll><br />
- </span>
- </Directory>
- </code></p></div>
-
- <p>By default all <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
- directives are handled through an OR operation. In other words, if
+ access is granted. See
+ <a href="../mod/mod_authz_core.html#logic">Authorization Containers</a>
+ for an example of how they may be used to express complex
+ authorization logic.</p>
+
+ <p>By default all
+ <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+ directives are handled as though contained within a
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchany"><MatchAny></a></code>
+ container directive. In other words, if
any of the specified authorization methods succeed, then authorization
- is granted. By enclosing a set of
- <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directives within
- a <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code> block,
- the processing switches to an AND operation which requires all authorization
- methods to succeed before authorization is granted.</p>
+ is granted.</p>
+
+ <p>In contrast, by default all
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives
+ are handled as though contained within a
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchall"><MatchAll></a></code>
+ container directive (unless they are explicitly contained within
+ a different authorization container directive).
+ This permits
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives
+ to be usefully mixed with negated
+ <code>Match not</code> directives. To authorize the request,
+ none of the negated directives can match their parameters,
+ while all of the positive directives must match their
+ parameters (or else return a neutral result).</p>
- <h3><a name="reqaccessctrl" id="reqaccessctrl">Using 'Require' or 'Reject' for access control</a></h3>
+ <h3><a name="reqaccessctrl" id="reqaccessctrl">Using authorization providers for access control</a></h3>
<p>Authentication by username and password is only part of the
story. Frequently you want to let people in based on something
other than who they are. Something such as where they are
ip</a></code> let you allow or deny access based other host based
criteria such as host name or ip address of the machine requesting
a document.</p>
-
+
<p>The usage of these providers is specified through the
<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> and
- <code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code> directives.
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives.
These directives register the authorization providers
that will be called during the authorization stage of the request
processing. For example:</p>
following:</p>
<div class="example"><p><code>
- Reject ip 10.252.46.165
+ Match not ip 10.252.46.165
</code></p></div>
<p>Visitors coming from that address will not be able to see
machine name, rather than an IP address, you can use that.</p>
<div class="example"><p><code>
- Reject host <var>host.example.com</var>
+ Match not host <var>host.example.com</var>
</code></p></div>
<p>And, if you'd like to block access from an entire domain,
you can specify just part of an address or domain name:</p>
<div class="example"><p><code>
- <SatisfyAll><br />
+ Match all granted<br />
+ <MatchNotAny>
<span class="indent">
- Reject ip <var>192.168.205</var><br />
- Reject host <var>phishers.example.com</var> <var>moreidiots.example</var><br /> Reject host ke<br />
+ Match ip 192.168.205<br />
+ Match host phishers.example.com moreidiots.example<br />
+ Match host ke
</span>
- </SatisfyAll>
+ </MatchNotAny>
</code></p></div>
- <p>Using the <code class="directive"><a href="../mod/mod_authz_host.html#reject">Reject</a></code> directive
- inside of a <code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code>
- block, will let you be sure that you are actually restricting things to
- only the group that you want to let in.</p>
-
- <p>The above example uses the <code class="directive"><a href="../mod/mod_authz_core.html# <satisfyall>">
- <SatisfyAll></a></code> block to make sure that all of the
- <code class="directive"><a href="../mod/mod_authz_host.html#reject">Reject</a></code> directives are
- satisfied before granting access. </p>
+ <p>The above example uses the <code class="directive"><a href="../mod/mod_authz_core.html#matchnotany"><MatchNotAny></a></code> container directive
+ to make sure that none of the
+ <code class="directive"><a href="../mod/mod_authz_host.html#match">Match</a></code> directives
+ match their parameters before granting access. Note that
+ the <code>Match all granted</code> directive and the
+ <code class="directive"><a href="../mod/mod_authz_core.html#matchnotany"><MatchNotAny></a></code> are implicitly contained
+ within a <code class="directive"><a href="../mod/mod_authz_core.html#matchall"><MatchAll></a></code> directive.</p>
<code class="directive"><a href="../mod/mod_access_compat.html#satisfy">Satisfy</a></code> are no longer needed.
However to provide backwards compatibility for older configurations, these
directives have been moved to the <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code> module.</p>
-
- <p>One of the problems with these directives was that the line between
- authorization and access control was very fuzzy. The
- <code class="directive"><a href="../mod/mod_access_compat.html#satisfy">Satisfy</a></code> directive
- tried to tie these two stages together by hooking itself into the
- request processing itself. Now that these directive have been moved to the
- <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code>, mixing the new authorization directives
- with the older access control directives becomes difficult. To address this
- issue, the <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> module becomes very important and must
- be loaded. The main purpose of the <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> module is
- to handle any authorization requests that could not be handled by the
- authorization providers. But when the older access control directives are used,
- it also links access control with authorization and determines if access
- should be granted based on the outcome of each stage. Therefore if the
- older directives do not seem to be working properly, it might be because the
- <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> module has not been loaded.</p>
-
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 479777:645246 (outdated) -->
+<!-- English Revision: 479777:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<?xml version='1.0' encoding='EUC-KR' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:645246 (outdated) -->
+<!-- English Revision: 105989:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml</modulefile>
- <modulefile>mod_authn_default.xml</modulefile>
<modulefile>mod_authn_file.xml</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml</modulefile>
- <modulefile>mod_authz_default.xml</modulefile>
<modulefile>mod_authz_groupfile.xml</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml</modulefile>
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml</modulefile>
- <modulefile>mod_authn_default.xml</modulefile>
<modulefile>mod_authn_file.xml</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml</modulefile>
- <modulefile>mod_authz_default.xml</modulefile>
<modulefile>mod_authz_groupfile.xml</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml</modulefile>
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml</modulefile>
- <modulefile>mod_authn_default.xml</modulefile>
<modulefile>mod_authn_file.xml</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml</modulefile>
- <modulefile>mod_authz_default.xml</modulefile>
<modulefile>mod_authz_groupfile.xml</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml</modulefile>
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml.ja</modulefile>
- <modulefile>mod_authn_default.xml.ja</modulefile>
<modulefile>mod_authn_file.xml.ja</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml</modulefile>
- <modulefile>mod_authz_default.xml.ja</modulefile>
<modulefile>mod_authz_groupfile.xml.ja</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml.ja</modulefile>
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml.ko</modulefile>
- <modulefile>mod_authn_default.xml.ko</modulefile>
<modulefile>mod_authn_file.xml.ko</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml.ko</modulefile>
- <modulefile>mod_authz_default.xml.ko</modulefile>
<modulefile>mod_authz_groupfile.xml.ko</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml.ko</modulefile>
<modulefile>mod_authn_core.xml</modulefile>
<modulefile>mod_authn_dbd.xml</modulefile>
<modulefile>mod_authn_dbm.xml</modulefile>
- <modulefile>mod_authn_default.xml</modulefile>
<modulefile>mod_authn_file.xml</modulefile>
<modulefile>mod_authnz_ldap.xml</modulefile>
<modulefile>mod_authz_core.xml</modulefile>
<modulefile>mod_authz_dbd.xml</modulefile>
<modulefile>mod_authz_dbm.xml</modulefile>
- <modulefile>mod_authz_default.xml</modulefile>
<modulefile>mod_authz_groupfile.xml</modulefile>
<modulefile>mod_authz_host.xml</modulefile>
<modulefile>mod_authz_owner.xml</modulefile>
<li><a href="mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></li>
<li><a href="mod_authn_dbm.html#authdbmtype">AuthDBMType</a></li>
<li><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile</a></li>
-<li><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
<li><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm</a></li>
<li><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain</a></li>
<li><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck</a></li>
<li><a href="mod_authz_dbd.html#authzdbdquery">AuthzDBDQuery</a></li>
<li><a href="mod_authz_dbd.html#authzdbdredirectquery">AuthzDBDRedirectQuery</a></li>
<li><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType</a></li>
-<li><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
-<li><a href="mod_authz_core.html#authzmergerules">AuthzMergeRules</a></li>
+<li><a href="mod_authz_core.html#authzprovideralias"><AuthzProviderAlias></a></li>
<li><a href="mod_proxy.html#balancermember" id="B" name="B">BalancerMember</a></li>
<li><a href="mod_setenvif.html#browsermatch">BrowserMatch</a></li>
<li><a href="mod_setenvif.html#browsermatchnocase">BrowserMatchNoCase</a></li>
<li><a href="mpm_common.html#lockfile">LockFile</a></li>
<li><a href="mod_log_config.html#logformat">LogFormat</a></li>
<li><a href="core.html#loglevel">LogLevel</a></li>
-<li><a href="mpm_common.html#maxclients" id="M" name="M">MaxClients</a></li>
+<li><a href="mod_authz_core.html#match" id="M" name="M">Match</a></li>
+<li><a href="mod_authz_core.html#matchall"><MatchAll></a></li>
+<li><a href="mod_authz_core.html#matchany"><MatchAny></a></li>
+<li><a href="mod_authz_core.html#matchnotall"><MatchNotAll></a></li>
+<li><a href="mod_authz_core.html#matchnotany"><MatchNotAny></a></li>
+<li><a href="mpm_common.html#maxclients">MaxClients</a></li>
<li><a href="core.html#maxkeepaliverequests">MaxKeepAliveRequests</a></li>
<li><a href="mpm_common.html#maxmemfree">MaxMemFree</a></li>
<li><a href="mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></li>
<li><a href="mod_mem_cache.html#mcacheminobjectsize">MCacheMinObjectSize</a></li>
<li><a href="mod_mem_cache.html#mcacheremovalalgorithm">MCacheRemovalAlgorithm</a></li>
<li><a href="mod_mem_cache.html#mcachesize">MCacheSize</a></li>
+<li><a href="mod_authz_core.html#mergeauthz">MergeAuthz</a></li>
<li><a href="mod_cern_meta.html#metadir">MetaDir</a></li>
<li><a href="mod_cern_meta.html#metafiles">MetaFiles</a></li>
<li><a href="mod_cern_meta.html#metasuffix">MetaSuffix</a></li>
<li><a href="mod_alias.html#redirectmatch">RedirectMatch</a></li>
<li><a href="mod_alias.html#redirectpermanent">RedirectPermanent</a></li>
<li><a href="mod_alias.html#redirecttemp">RedirectTemp</a></li>
-<li><a href="mod_authz_core.html#reject">Reject</a></li>
<li><a href="mod_mime.html#removecharset">RemoveCharset</a></li>
<li><a href="mod_mime.html#removeencoding">RemoveEncoding</a></li>
<li><a href="mod_mime.html#removehandler">RemoveHandler</a></li>
<li><a href="mod_mime.html#removetype">RemoveType</a></li>
<li><a href="mod_headers.html#requestheader">RequestHeader</a></li>
<li><a href="mod_authz_core.html#require">Require</a></li>
-<li><a href="mod_authz_core.html#requirealias"><RequireAlias></a></li>
<li><a href="mod_rewrite.html#rewritebase">RewriteBase</a></li>
<li><a href="mod_rewrite.html#rewritecond">RewriteCond</a></li>
<li><a href="mod_rewrite.html#rewriteengine">RewriteEngine</a></li>
<li><a href="core.html#rlimitmem">RLimitMEM</a></li>
<li><a href="core.html#rlimitnproc">RLimitNPROC</a></li>
<li><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy</a></li>
-<li><a href="mod_authz_core.html#satisfyall"><SatisfyAll></a></li>
-<li><a href="mod_authz_core.html#satisfyone"><SatisfyOne></a></li>
<li><a href="mpm_common.html#scoreboardfile">ScoreBoardFile</a></li>
<li><a href="mod_actions.html#script">Script</a></li>
<li><a href="mod_alias.html#scriptalias">ScriptAlias</a></li>
<dt><a href="mod_authn_core.html">mod_authn_core</a></dt><dd>Core Authentication</dd>
<dt><a href="mod_authn_dbd.html">mod_authn_dbd</a></dt><dd>User authentication using an SQL database</dd>
<dt><a href="mod_authn_dbm.html">mod_authn_dbm</a></dt><dd>User authentication using DBM files</dd>
-<dt><a href="mod_authn_default.html">mod_authn_default</a></dt><dd>Authentication fallback module</dd>
<dt><a href="mod_authn_file.html">mod_authn_file</a></dt><dd>User authentication using text files</dd>
<dt><a href="mod_authnz_ldap.html">mod_authnz_ldap</a></dt><dd>Allows an LDAP directory to be used to store the database
for HTTP Basic authentication.</dd>
<dt><a href="mod_authz_core.html">mod_authz_core</a></dt><dd>Core Authorization</dd>
<dt><a href="mod_authz_dbd.html">mod_authz_dbd</a></dt><dd>Group Authorization and Login using SQL</dd>
<dt><a href="mod_authz_dbm.html">mod_authz_dbm</a></dt><dd>Group authorization using DBM files</dd>
-<dt><a href="mod_authz_default.html">mod_authz_default</a></dt><dd>Authorization fallback module</dd>
<dt><a href="mod_authz_groupfile.html">mod_authz_groupfile</a></dt><dd>Group authorization using plaintext files</dd>
<dt><a href="mod_authz_host.html">mod_authz_host</a></dt><dd>Group authorizations based on host (name or IP
address)</dd>
<div class="warning"><h3>Note</h3>
<p>The directives provided by <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code> have
been deprecated by the new authz refactoring. Please see
- <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>. The module
- <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> must also be loaded to provide for
- default authorization handling.</p>
+ <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.</p>
</div>
<p>In general, access restriction directives apply to all
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 675568 -->
+<!-- English Revision: 675568:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>ja</variant>
+ <variant outdated="yes">ja</variant>
</variants>
</metafile>
<li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
<li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li>
<li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code></li>
-<li><code class="directive"><a href="../mod/mod_access_compat.html#satisfy">Satisfy</a></code> (Deprecated)</li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code></li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#<satisfyone>"><SatisfyOne></a></code></li>
+<li><code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code></li>
<li><a href="../howto/auth.html">Authentication howto</a></li>
</ul></div>
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 420990 -->
+<!-- English Revision: 420990:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<?xml version="1.0" encoding="EUC-KR" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 151408:420990 (outdated) -->
+<!-- English Revision: 151408:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<variants>
<variant>en</variant>
- <variant>ja</variant>
+ <variant outdated="yes">ja</variant>
<variant outdated="yes">ko</variant>
</variants>
</metafile>
<li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
<li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li>
<li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
+<li><code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code></li>
<li><a href="../howto/auth.html">Authentication howto</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<?xml version="1.0" encoding="EUC-KR" ?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 105989:674578 (outdated) -->
+<!-- English Revision: 105989:709841 (outdated) -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
<li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
<li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li>
<li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code></li>
-<li><code class="directive"><a href="../mod/mod_access_compat.html#satisfy">Satisfy</a></code> (Deprecated)</li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#<satisfyall>"><SatisfyAll></a></code></li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#<satisfyone>"><SatisfyOne></a></code></li>
+<li><code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code></li>
<li><a href="../howto/auth.html">Authentication howto</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+++ /dev/null
-# GENERATED FROM XML -- DO NOT EDIT
-
-URI: mod_authn_default.html.en
-Content-Language: en
-Content-type: text/html; charset=ISO-8859-1
-
-URI: mod_authn_default.html.ja.utf8
-Content-Language: ja
-Content-type: text/html; charset=UTF-8
-
-URI: mod_authn_default.html.ko.euc-kr
-Content-Language: ko
-Content-type: text/html; charset=EUC-KR
+++ /dev/null
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authn_default - Apache HTTP Server</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
-<p class="apache">Apache HTTP Server Version 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.3</a> > <a href="./">Modules</a></div>
-<div id="page-content">
-<div id="preamble"><h1>Apache Module mod_authn_default</h1>
-<div class="toplang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_authn_default.html" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authentication fallback module</td></tr>
-<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>authn_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_authn_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table>
-<h3>Summary</h3>
-
- <p>This module is designed to be the fallback module, if you don't
- have configured an authentication module like
- <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>. It simply rejects any
- credentials supplied by the user.</p>
-</div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthDefaultAuthoritative" id="AuthDefaultAuthoritative">AuthDefaultAuthoritative</a> <a name="authdefaultauthoritative" id="authdefaultauthoritative">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether authentication is passed to lower level
-modules</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_default</td></tr>
-</table>
- <p>Setting the <code class="directive">AuthDefaultAuthoritative</code> directive
- explicitly to <code>Off</code> allows for authentication to be passed on
- to lower level modules (as defined in the <code>modules.c</code>
- files).</p>
-
- <div class="note"><h3>Note</h3>
- <p>Normally there are no lower level modules, since
- <code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code> is defined to be already on
- a <em>very low</em> level. Therefore you should leave the value of
- <code class="directive">AuthDefaultAuthoritative</code> as default
- (<code>On</code>).</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_authn_default.html" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authn_default - Apache HTTP サーバ</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">モジュール</a> | <a href="../mod/directives.html">ディレクティブ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">用語</a> | <a href="../sitemap.html">サイトマップ</a></p>
-<p class="apache">Apache HTTP サーバ バージョン 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP サーバ</a> > <a href="http://httpd.apache.org/docs/">ドキュメンテーション</a> > <a href="../">バージョン
- 2.3</a> > <a href="./">モジュール</a></div>
-<div id="page-content">
-<div id="preamble"><h1>Apache モジュール mod_authn_default</h1>
-<div class="toplang">
-<p><span>言語: </span><a href="../en/mod/mod_authn_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">説明:</a></th><td>認証フォールバックモジュール</td></tr>
-<tr><th><a href="module-dict.html#Status">ステータス:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">モジュール識別子:</a></th><td>authn_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">ソースファイル:</a></th><td>mod_authn_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">互換性:</a></th><td>Apache 2.1 以降</td></tr></table>
-<h3>概要</h3>
-
- <p><code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> のような認証モジュールを
- 設定しなかった場合は、本モジュールがフォールバックとなります。
- ユーザから提示されたどんな証書も単に拒否します。</p>
-</div>
-<div id="quickview"><h3 class="directives">ディレクティブ</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthDefaultAuthoritative" id="AuthDefaultAuthoritative">AuthDefaultAuthoritative</a> <a name="authdefaultauthoritative" id="authdefaultauthoritative">ディレクティブ</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>次の低次レベルの認証モジュールに制御を渡すかどうかを
-設定します</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>AuthDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">デフォルト:</a></th><td><code>AuthDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">コンテキスト:</a></th><td>ディレクトリ, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">上書き:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">ステータス:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td>mod_authn_default</td></tr>
-</table>
- <p><code class="directive">AuthDefaultAuthoritative</code> ディレクティブを
- 明示的に <code>Off</code> に設定すると、
- 認証を次の (<code>modules.c</code> ファイルで定義されている)
- 低次レベルのモジュールに渡します。
- </p>
-
- <div class="note"><h3>注意</h3>
- <p><code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code> 自体が<em>とても低い</em>
- レベルとして定義されていますので、通常はこれよりも低次の
- モジュールは存在しません。ですから
- <code class="directive">AuthDefaultAuthoritative</code> はデフォルト
- (<code>On</code>) のままにしたほうが良いでしょう。</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>言語: </span><a href="../en/mod/mod_authn_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">モジュール</a> | <a href="../mod/directives.html">ディレクティブ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">用語</a> | <a href="../sitemap.html">サイトマップ</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="EUC-KR"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authn_default - Apache HTTP Server</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p>
-<p class="apache">Apache HTTP Server Version 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.3</a> > <a href="./">¸ðµâ</a></div>
-<div id="page-content">
-<div id="preamble"><h1>¾ÆÆÄÄ¡ ¸ðµâ mod_authn_default</h1>
-<div class="toplang">
-<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/mod/mod_authn_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">¼³¸í:</a></th><td>ÃÖÈÄ ÀÎÁõ¸ðµâ</td></tr>
-<tr><th><a href="module-dict.html#Status">»óÅÂ:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">¸ðµâ¸í:</a></th><td>authn_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">¼Ò½ºÆÄÀÏ:</a></th><td>mod_authn_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">Áö¿ø:</a></th><td>¾ÆÆÄÄ¡ 2.1 ÀÌÈĺÎÅÍ</td></tr></table>
-<h3>¿ä¾à</h3>
-
- <p>ÀÌ ¸ðµâÀº <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>°ú °°Àº ÀÎÁõ¸ðµâÀ»
- ¼³Á¤ÇÏÁö¾ÊÀº ÃÖÈÄÀÇ °æ¿ì ´ë½Å »ç¿ëÇÑ´Ù. ÀÌ ¸ðµâÀº »ç¿ëÀÚ°¡
- Á¦°øÇÑ ¾î¶°ÇÑ Á¤º¸µµ °ÅºÎÇÑ´Ù.</p>
-</div>
-<div id="quickview"><h3 class="directives">Áö½Ã¾îµé</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authdefaultauthoritative">AuthDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthDefaultAuthoritative" id="AuthDefaultAuthoritative">AuthDefaultAuthoritative</a> <a name="authdefaultauthoritative" id="authdefaultauthoritative">Áö½Ã¾î</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">¼³¸í:</a></th><td>ÀÎÁõÀ» Àú¼öÁØ ¸ðµâ·Î ³Ñ°ÜÁÙÁö ¿©ºÎ</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">¹®¹ý:</a></th><td><code>AuthDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">±âº»°ª:</a></th><td><code>AuthDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">»ç¿ëÀå¼Ò:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override ¿É¼Ç:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">»óÅÂ:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">¸ðµâ:</a></th><td>mod_authn_default</td></tr>
-</table>
- <p><code class="directive">AuthDefaultAuthoritative</code> Áö½Ã¾î¸¦
- Á÷Á¢ <code>Off</code>·Î ¼³Á¤Çϸé (<code>modules.c</code>
- ÆÄÀÏ¿¡¼ Á¤ÀÇÇÑ) Àú¼öÁØ ¸ðµâ·Î ÀÎÁõÀ» ³Ñ°ÜÁØ´Ù.</p>
-
- <div class="note"><h3>ÁÖÀÇ</h3>
- <p><code class="module"><a href="../mod/mod_authn_default.html">mod_authn_default</a></code>°¡ ÀÌ¹Ì <em>¸Å¿ì
- Àú¼öÁØ</em>À¸·Î Á¤ÀǵÇÀֱ⠶§¹®¿¡ º¸Åë ´õ ³·Àº ¸ðµâÀÌ ¾ø´Ù.
- ±×·¯¹Ç·Î <code class="directive">AuthDefaultAuthoritative</code>¸¦
- ±âº»°ª(<code>On</code>)À¸·Î ³²°ÜµÖ¾ß ÇÑ´Ù.</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/mod/mod_authn_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authn_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authn_default.html" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
-<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 420990 -->
-
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<modulesynopsis metafile="mod_authn_default.xml.meta">
-
-<name>mod_authn_default</name>
-<description>認証フォールバックモジュール</description>
-<status>Base</status>
-<sourcefile>mod_authn_default.c</sourcefile>
-<identifier>authn_default_module</identifier>
-<compatibility>Apache 2.1 以降</compatibility>
-
-<summary>
- <p><module>mod_auth_basic</module> のような認証モジュールを
- 設定しなかった場合は、本モジュールがフォールバックとなります。
- ユーザから提示されたどんな証書も単に拒否します。</p>
-</summary>
-
-<directivesynopsis>
-<name>AuthDefaultAuthoritative</name>
-<description>次の低次レベルの認証モジュールに制御を渡すかどうかを
-設定します</description>
-<syntax>AuthDefaultAuthoritative On|Off</syntax>
-<default>AuthDefaultAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
- <p><directive>AuthDefaultAuthoritative</directive> ディレクティブを
- 明示的に <code>Off</code> に設定すると、
- 認証を次の (<code>modules.c</code> ファイルで定義されている)
- 低次レベルのモジュールに渡します。
- </p>
-
- <note><title>注意</title>
- <p><module>mod_authn_default</module> 自体が<em>とても低い</em>
- レベルとして定義されていますので、通常はこれよりも低次の
- モジュールは存在しません。ですから
- <directive>AuthDefaultAuthoritative</directive> はデフォルト
- (<code>On</code>) のままにしたほうが良いでしょう。</p>
- </note>
-</usage>
-</directivesynopsis>
-
-</modulesynopsis>
+++ /dev/null
-<?xml version="1.0" encoding="EUC-KR" ?>
-<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
-<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 420990 -->
-
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<modulesynopsis metafile="mod_authn_default.xml.meta">
-
-<name>mod_authn_default</name>
-<description>ÃÖÈÄ ÀÎÁõ¸ðµâ</description>
-<status>Base</status>
-<sourcefile>mod_authn_default.c</sourcefile>
-<identifier>authn_default_module</identifier>
-<compatibility>¾ÆÆÄÄ¡ 2.1 ÀÌÈĺÎÅÍ</compatibility>
-
-<summary>
- <p>ÀÌ ¸ðµâÀº <module>mod_auth_basic</module>°ú °°Àº ÀÎÁõ¸ðµâÀ»
- ¼³Á¤ÇÏÁö¾ÊÀº ÃÖÈÄÀÇ °æ¿ì ´ë½Å »ç¿ëÇÑ´Ù. ÀÌ ¸ðµâÀº »ç¿ëÀÚ°¡
- Á¦°øÇÑ ¾î¶°ÇÑ Á¤º¸µµ °ÅºÎÇÑ´Ù.</p>
-</summary>
-
-<directivesynopsis>
-<name>AuthDefaultAuthoritative</name>
-<description>ÀÎÁõÀ» Àú¼öÁØ ¸ðµâ·Î ³Ñ°ÜÁÙÁö ¿©ºÎ</description>
-<syntax>AuthDefaultAuthoritative On|Off</syntax>
-<default>AuthDefaultAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
- <p><directive>AuthDefaultAuthoritative</directive> Áö½Ã¾î¸¦
- Á÷Á¢ <code>Off</code>·Î ¼³Á¤Çϸé (<code>modules.c</code>
- ÆÄÀÏ¿¡¼ Á¤ÀÇÇÑ) Àú¼öÁØ ¸ðµâ·Î ÀÎÁõÀ» ³Ñ°ÜÁØ´Ù.</p>
-
- <note><title>ÁÖÀÇ</title>
- <p><module>mod_authn_default</module>°¡ ÀÌ¹Ì <em>¸Å¿ì
- Àú¼öÁØ</em>À¸·Î Á¤ÀǵÇÀֱ⠶§¹®¿¡ º¸Åë ´õ ³·Àº ¸ðµâÀÌ ¾ø´Ù.
- ±×·¯¹Ç·Î <directive>AuthDefaultAuthoritative</directive>¸¦
- ±âº»°ª(<code>On</code>)À¸·Î ³²°ÜµÖ¾ß ÇÑ´Ù.</p>
- </note>
-</usage>
-</directivesynopsis>
-
-</modulesynopsis>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8" ?>
-<!-- GENERATED FROM XML: DO NOT EDIT -->
-
-<metafile>
- <basename>mod_authn_default</basename>
- <path>/mod/</path>
- <relpath>..</relpath>
-
- <variants>
- <variant>en</variant>
- <variant>ja</variant>
- <variant>ko</variant>
- </variants>
-</metafile>
usually used in conjunction with an authentication
provider module such as <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> and an
authorization module such as <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>. It
- also allows for "AND" and "OR" logic to be applied to the
+ also allows for advanced logic to be applied to the
authorization processing.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzmergerules">AuthzMergeRules</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#reject">Reject</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authzprovideralias"><AuthzProviderAlias></a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#match">Match</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#matchall"><MatchAll></a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#matchany"><MatchAny></a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#matchnotall"><MatchNotAll></a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#matchnotany"><MatchNotAny></a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mergeauthz">MergeAuthz</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#require">Require</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#requirealias"><RequireAlias></a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#satisfyall"><SatisfyAll></a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#satisfyone"><SatisfyOne></a></li>
</ul>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#authzalias">Creating Authorization Provider Aliases</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#logic">Authorization Containers</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>Extended authorization providers can be created within the configuration
file and assigned an alias name. The alias providers can then be referenced
- through the <code class="directive"><a href="#require">Require</a></code> directive
+ through the <code class="directive"><a href="#require">Require</a></code> and
+ <code class="directive"><a href="#match">Match</a></code> directives
in the same way as a base authorization provider. Besides the ability to
create and alias an extended provider, it also allows the same extended
authorization provider to be reference by multiple locations.
</p>
<div class="example"><h3>Example</h3><p><code>
- <RequireAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx><br />
+ <AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx><br />
<span class="indent">
AuthLDAPBindDN cn=youruser,o=ctx<br />
AuthLDAPBindPassword yourpassword<br />
AuthLDAPURL ldap://ldap.host/o=ctx<br />
</span>
- </RequireAlias><br /><br />
+ </AuthzProviderAlias><br /><br />
<AuthnProviderAlias ldap-group ldap-group-alias2
cn=my-other-group,o=dev><br />
<span class="indent">
AuthLDAPBindPassword yourotherpassword<br />
AuthLDAPURL ldap://other.ldap.host/o=dev?cn<br />
</span>
- </RequireAlias><br /><br />
+ </AuthzProviderAlias><br /><br />
Alias /secure /webpages/secure<br />
<Directory /webpages/secure><br />
</code></p></div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logic" id="logic">Authorization Containers</a></h2>
+
+ <p>The authorization container directives
+ <code class="directive"><a href="#matchall"><MatchAll></a></code>,
+ <code class="directive"><a href="#matchany"><MatchAny></a></code>,
+ <code class="directive"><a href="#matchnotall"><MatchNotAll></a></code>
+ and
+ <code class="directive"><a href="#matchnotany"><MatchNotAny></a></code>
+ may be combined with each other and with the
+ <code class="directive"><a href="#match">Match</a></code>
+ directive to express complex authorization logic.</p>
+
+ <p>The example below expresses the following authorization logic.
+ In order to access the resource, the user must either be the
+ <code>superadmin</code> user, or belong to both the
+ <code>admins</code> group and the <code>Administrators</code> LDAP
+ group and either belong to the <code>sales</code> group or
+ have the LDAP <code>dept</code> attribute <code>sales</code>.
+ Furthermore, in order to access the resource, the user must
+ not belong to either the <code>temps</code> group or the
+ LDAP group <code>Temporary Employees</code>.</p>
+
+ <div class="example"><p><code>
+ <Directory /www/mydocs>
+ <span class="indent">
+ <MatchAny>
+ <span class="indent">
+ Match user superadmin<br />
+ <MatchAll>
+ <span class="indent">
+ Match group admins<br />
+ Match ldap-group cn=Administrators,o=Airius<br />
+ <MatchAny>
+ <span class="indent">
+ Match group sales<br />
+ Match ldap-attribute dept="sales"
+ </span>
+ </MatchAny>
+ </span>
+ </MatchAll>
+ </span>
+ </MatchAny><br />
+ <MatchNotAny>
+ <span class="indent">
+ Match group temps<br />
+ Match ldap-group cn=Temporary Employees,o=Airius
+ </span>
+ </MatchNotAny>
+ </span>
+ </Directory>
+ </code></p></div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthzProviderAlias" id="AuthzProviderAlias"><AuthzProviderAlias></a> <a name="authzprovideralias" id="authzprovideralias">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of directives that represent an
+extension of a base authorization provider and referenced by the specified
+alias</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><AuthzProviderAlias <var>baseProvider Alias Require-Parameters</var>>
+... </AuthzProviderAlias>
+</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
+</table>
+ <p><code class="directive"><AuthzProviderAlias></code> and
+ <code></AuthzProviderAlias></code> are used to enclose a group of
+ authorization directives that can be referenced by the alias name using the
+ directive <code class="directive"><a href="#require">Require</a></code>.</p>
+
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzMergeRules" id="AuthzMergeRules">AuthzMergeRules</a> <a name="authzmergerules" id="authzmergerules">Directive</a></h2>
+<div class="directive-section"><h2><a name="Match" id="Match">Match</a> <a name="match" id="match">Directive</a></h2>
<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Set to 'on' to allow the parent's <Directory> or <Location>
-authz rules to be merged into the current <Directory> or <Location>.
-Set to 'off' to disable merging. If set to 'off', only the authz rules defined in
-the current <Directory> or <Location> block will apply.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzMergeRules on | off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthzMergeRules on</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Tests whether an authenticated user is authorized by
+an authorization provider.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Match [not] <var>entity-name</var>
+[<var>entity-name</var>] ...</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
</table>
- <p>By default all of the authorization rules within a <Directory>
- <Location> hierarchy are merged together to form a single
- logical authorization operation. If AuthzMergeRules is set to 'off', then
- only the authorization rules that are contained with the current
- <Directory> or <Location> block are considered. This
- allows the configuration to determine exactly how authorization will
- be determined without having to take into consideration the
- authorization rules that may exist above it.</p>
+ <p>This directive is similar to the
+ <code class="directive"><a href="#require">Require</a></code> directive;
+ it tests whether an authenticated user is authorized according to
+ a particular authorization provider and the specified restrictions.</p>
+
+ <p>Unlike the <code class="directive"><a href="#require">Require</a></code>
+ directive, it may be used with and inside authorization container
+ directives such as
+ <code class="directive"><a href="#matchall"><MatchAll></a></code>.</p>
+
+ <p>Furthermore, its result may be negated through the use of the
+ <code>not</code> option. As with other negated authorization directives,
+ in this case the <code class="directive">Match</code> directive may only
+ either fail or return a neutral result, and can therefore never
+ independently authorize a request.</p>
+
+ <p>In the following example, all users in the <code>alpha</code>
+ and <code>beta</code> groups are authorized, except for those who
+ are also in the <code>reject</code> group.</p>
+
+ <div class="example"><p><code>
+ <Directory /www/docs>
+ <span class="indent">
+ Match group alpha beta<br />
+ Match not group reject
+ </span>
+ </Directory>
+ </code></p></div>
+
+ <p>When multiple <code class="directive">Match</code> directives are
+ used in a single
+ <a href="../sections.html#mergin">configuration section</a>
+ and are not contained in another authorization directive like
+ <code class="directive"><a href="#matchany"><MatchAny></a></code>,
+ they are implicitly contained within a
+ <code class="directive"><a href="#matchall"><MatchAll></a></code>
+ directive. Thus for the user to be authorized, all such
+ <code class="directive">Match</code> directives must not fail, and
+ at least one must be successful.</p>
+ <div class="note"><code class="directive">Match</code> directives may not be combined
+ with the <code class="directive"><a href="#require">Require</a></code>
+ directive.</div>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#require">Require</a></code></li>
+<li><a href="#logic">Authorization Containers</a></li>
+<li><a href="../howto/auth.html">Authentication, Authorization,
+ and Access Control</a></li>
+</ul>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Reject" id="Reject">Reject</a> <a name="reject" id="reject">Directive</a></h2>
+<div class="directive-section"><h2><a name="MatchAll" id="MatchAll"><MatchAll></a> <a name="matchall" id="matchall">Directive</a></h2>
<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Rejects authenticated users or host based
-requests from accessing a resource</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Reject <var>entity-name</var> [<var>entity-name</var>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives of which none
+must fail and at least one must succeed for the enclosing directive to
+succeed.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><MatchAll>
+... </MatchAll></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
</table>
- <p>This directive is similar to the
- <code class="directive"><a href="#require">Require</a></code> directive however
- it rejects which authenticated users or host based requests from accessing a resource. The
- restrictions are processed by authorization modules. See the
- <code class="directive"><a href="#require">Require</a></code> directive for details
- about usage.</p>
+ <p><code class="directive"><MatchAll></code> and
+ <code></MatchAll></code> are used to enclose a group of
+ authorization directives of which none must fail and at least one
+ must succeed in order for
+ the <code class="directive"><MatchAll></code> directive to
+ succeed.</p>
+
+ <p>If none of the directives contained within the
+ <code class="directive"><MatchAll></code> directive fails,
+ and at least one succeeds, then the
+ <code class="directive"><MatchAll></code> directive
+ succeeds. If none succeed and none fail, then it returns a
+ neutral result. In all other cases, it fails.</p>
<h3>See also</h3>
<ul>
+<li><a href="#logic">Authorization Containers</a></li>
<li><a href="../howto/auth.html">Authentication, Authorization,
and Access Control</a></li>
-<li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MatchAny" id="MatchAny"><MatchAny></a> <a name="matchany" id="matchany">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives of which one
+must succeed for the enclosing directive to succeed.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><MatchAny>
+... </MatchAny></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
+</table>
+ <p><code class="directive"><MatchAny></code> and
+ <code></MatchAny></code> are used to enclose a group of
+ authorization directives of which one must succeed in order for
+ the <code class="directive"><MatchAny></code> directive to
+ succeed.</p>
+
+ <p>If one or more of the directives contained within the
+ <code class="directive"><MatchAny></code> directive succeed,
+ then the <code class="directive"><MatchAny></code> directive
+ succeeds. If none succeed and none fail, then it returns a
+ neutral result. In all other cases, it fails.</p>
+
+ <div class="note">Because negated authorization directives are unable to
+ return a successful result, they can not significantly influence
+ the result of a <code class="directive"><MatchAny></code>
+ directive. (At most they could cause the directive to fail in
+ the case where they failed and all other directives returned a
+ neutral value.) Therefore negated authorization directives
+ are not permitted within a <code class="directive"><MatchAny></code>
+ directive.</div>
+
+<h3>See also</h3>
+<ul>
+<li><a href="#logic">Authorization Containers</a></li>
+<li><a href="../howto/auth.html">Authentication, Authorization,
+ and Access Control</a></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MatchNotAll" id="MatchNotAll"><MatchNotAll></a> <a name="matchnotall" id="matchnotall">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives of which some
+must fail or none must succeed for the enclosing directive to
+not fail.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><MatchNotAll>
+... </MatchNotAll></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
+</table>
+ <p><code class="directive"><MatchNotAll></code> and
+ <code></MatchNotAll></code> are used to enclose a group of
+ authorization directives of which some must fail or none must succeed
+ in order for the
+ <code class="directive"><MatchNotAll></code> directive to
+ not fail.</p>
+
+ <p>If none of the directives contained within the
+ <code class="directive"><MatchNotAll></code> directive
+ fail, and one or more succeed, then the
+ <code class="directive"><MatchNotAll></code> directive fails.
+ In all other cases, it returns a neutral result. Thus as with
+ the other negated authorization directives, it can never independently
+ authorize a request because it can never return a successful result.
+ It can be used, however, to restrict the set of users who are
+ authorized to access a resource.</p>
+
+<h3>See also</h3>
+<ul>
+<li><a href="#logic">Authorization Containers</a></li>
+<li><a href="../howto/auth.html">Authentication, Authorization,
+ and Access Control</a></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MatchNotAny" id="MatchNotAny"><MatchNotAny></a> <a name="matchnotany" id="matchnotany">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives of which none
+none must succeed for the enclosing directive to not fail.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><MatchNotAny>
+... </MatchNotAny></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
+</table>
+ <p><code class="directive"><MatchNotAny></code> and
+ <code></MatchNotAny></code> are used to enclose a group of
+ authorization directives of which none must succeed
+ in order for the
+ <code class="directive"><MatchNotAny></code> directive to
+ not fail.</p>
+
+ <p>If one or more of the directives contained within the
+ <code class="directive"><MatchNotAny></code> directive succeed,
+ then the <code class="directive"><MatchNotAny></code> directive
+ fails. In all other cases, it returns a neutral result. Thus as with
+ the other negated authorization directives, it can never independently
+ authorize a request because it can never return a successful result.
+ It can be used, however, to restrict the set of users who are
+ authorized to access a resource.</p>
+
+ <div class="note">Because negated authorization directives are unable to
+ return a successful result, they can not significantly influence
+ the result of a <code class="directive"><MatchNotAny></code>
+ directive. Therefore negated authorization directives
+ are not permitted within a
+ <code class="directive"><MatchNotAny></code> directive.</div>
+
+<h3>See also</h3>
+<ul>
+<li><a href="#logic">Authorization Containers</a></li>
+<li><a href="../howto/auth.html">Authentication, Authorization,
+ and Access Control</a></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MergeAuthz" id="MergeAuthz">MergeAuthz</a> <a name="mergeauthz" id="mergeauthz">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls the manner in which each configuration section's
+authorization logic is combined with that of preceding configuration
+sections.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MergeAuthz Off | MatchAll | MatchAny</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MergeAuthz Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
+</table>
+ <p>When authorization is enabled, it is normally inherited by each
+ subsequent <a href="../sections.html#mergin">configuration section</a>,
+ unless a different set of authorization directives are specified.
+ This is the default action, which corresponds to an explicit setting
+ of <code>MergeAuthz Off</code>.</p>
+
+ <p>However, there may be circumstances in which is it desirable
+ for a configuration section's authorization to be combined with
+ that of its predecessor while configuration sections are being
+ merged. Two options are available for this case, <code>MatchAll</code>
+ and <code>MatchAny</code>.</p>
+
+ <p>When a configuration section contains <code>AuthzMerge MatchAll</code>
+ or <code>AuthzMerge MatchAny</code>,
+ its authorization logic is combined with that of the nearest
+ predecessor (according to the overall order of configuration sections)
+ which also contains authorization logic as if the two sections
+ were jointly contained within a
+ <code class="directive"><a href="#matchall"><MatchAll></a></code> or
+ <code class="directive"><a href="#matchany"><MatchAny></a></code>
+ directive, respectively.</p>
+
+ <div class="note">The setting of <code class="directive">AuthzMerge</code> is not
+ inherited outside of the configuration section in which it appears.
+ In the following example, only users belonging to group <code>alpha</code>
+ may access <code>/www/docs</code>. Users belonging to either
+ groups <code>alpha</code> or <code>beta</code> may access
+ <code>/www/docs/ab</code>. However, the default <code>Off</code>
+ setting of <code class="directive">AuthzMerge</code> applies to the
+ <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>
+ configuration section for <code>/www/docs/ab/gamma</code>, so
+ that section's authorization directives override those of the
+ preceding sections. Thus only users belong to the group
+ <code>gamma</code> may access <code>/www/docs/ab/gamma</code>.</div>
+
+ <div class="example"><p><code>
+ <Directory /www/docs>
+ <span class="indent">
+ AuthType Basic<br />
+ AuthName Documents<br />
+ AuthBasicProvider file<br />
+ AuthUserFile /usr/local/apache/passwd/passwords<br />
+ Match group alpha
+ </span>
+ </Directory><br />
+ <br />
+ <Directory /www/docs/ab>
+ <span class="indent">
+ AuthzMerge MatchAny<br />
+ Match group beta
+ </span>
+ </Directory><br />
+ <br />
+ <Directory /www/docs/ab/gamma>
+ <span class="indent">
+ Match group gamma
+ </span>
+ </Directory>
+ </code></p></div>
+
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="Require" id="Require">Require</a> <a name="require" id="require">Directive</a></h2>
<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Selects which authenticated users can access
-a resource</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Tests whether an authenticated user is authorized by
+an authorization provider.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Require <var>entity-name</var> [<var>entity-name</var>] ...</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
</table>
- <p>This directive selects which authenticated users can access a
- resource. The restrictions are processed by authorization
- modules. Some of the allowed syntaxes provided by
+ <p>This directive tests whether an authenticated user is authorized
+ according to a particular authorization provider and the specified
+ restrictions. Some of the allowed syntaxes provided by
<code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> and
<code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> are:</p>
place the <code class="directive">Require</code> statement into a
<code class="directive"><a href="../mod/core.html#limit"><Limit></a></code>
section.</p>
-
-
-<h3>See also</h3>
-<ul>
-<li><a href="../howto/auth.html">Authentication, Authorization,
- and Access Control</a></li>
-<li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="RequireAlias" id="RequireAlias"><RequireAlias></a> <a name="requirealias" id="requirealias">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of directives that represent an
-extension of a base authorization provider and referenced by the specified
-alias</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><RequireAlias <var>baseProvider Alias Require-Parameters</var>>
-... </RequireAlias>
-</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
-</table>
- <p><code class="directive"><RequireAlias></code> and
- <code></RequireAlias></code> are used to enclose a group of
- authorization directives that can be referenced by the alias name using the
- directive <code class="directive"><a href="# require"> Require</a></code>.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SatisfyAll" id="SatisfyAll"><SatisfyAll></a> <a name="satisfyall" id="satisfyall">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives that must all
-be satisfied in order to grant access to a resource. This block allows
-for 'AND' logic to be applied to various authorization providers.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><SatisfyAll>
-... </SatisfyAll></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
-</table>
- <p><code class="directive"><SatisfyAll></code> and
- <code></SatisfyAll></code> are used to enclose a group of
- authorization directives that must all be satisfied in order to
- grant access to a resource.</p>
-
- <p>The <code class="directive"><a href="# <satisfyall>">
- <SatisfyAll></a></code> block as well as the
- <code class="directive"><a href="#<satisfyone>"><SatisfyOne></a></code> block
- allow you to apply "AND" and "OR" logic to the authorization processing.
- For example the following authorization block would apply the logic:</p>
-
- <div class="example"><p><code>
- # if ((user == "John") ||<br />
- # ((Group == "admin")<br />
- # && (ldap-group <ldap-object> contains auth'ed_user)<br />
- # && ((ldap-attribute dept == "sales")<br />
- # || (file-group contains auth'ed_user))))<br />
- # then<br />
- # auth_granted<br />
- # else<br />
- # auth_denied<br />
- #<br />
- <Directory /www/mydocs><br />
- <span class="indent">
- Authname ...<br />
- AuthBasicProvider ...<br />
- ...<br />
- Require user John<br />
- <SatisfyAll><br />
- <span class="indent">
- Require Group admins<br />
- Require ldap-group cn=mygroup,o=foo<br />
- <SatisfyOne><br />
- <span class="indent">
- Require ldap-attribute dept="sales"<br />
- Require file-group<br />
- </span>
- </SatisfyOne><br />
- </span>
- </SatisfyAll><br />
- </span>
- </Directory>
- </code></p></div>
-
-<h3>See also</h3>
-<ul>
-<li><a href="../howto/auth.html">Authentication, Authorization,
- and Access Control</a></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SatisfyOne" id="SatisfyOne"><SatisfyOne></a> <a name="satisfyone" id="satisfyone">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enclose a group of authorization directives that must
-satisfy at least one in order to grant access to a resource. This
-block allows for 'OR' logic to be applied to various authorization
-providers.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><SatisfyOne>
-... </SatisfyOne></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_core</td></tr>
-</table>
- <p><code class="directive"><SatisfyOne></code> and
- <code></SatisfyOne></code> are used to enclose a group of
- authorization directives that must satisfy at least one in order to
- grant access to a resource.</p>
-
- <p>See the <code class="directive"><a href="# <satisfyall>">
- <SatisfyAll></a></code> directive for a usage example.</p>
+ <p>When multiple <code class="directive">Require</code> directives are
+ used in a single
+ <a href="../sections.html#mergin">configuration section</a>,
+ the first one to authorize a user authorizes the entire request,
+ and subsequent <code class="directive">Require</code> directives are
+ ignored. In other words, all <code class="directive">Require</code> directives
+ are enclosed in an implied <code class="directive"><a href="#matchany"><MatchAny></a></code> directive.</p>
+ <div class="note"><code class="directive">Require</code> directives may not be combined
+ with the <code class="directive"><a href="#match">Match</a></code> directive
+ or any authorization container directives, such as
+ <code class="directive"><a href="#matchall"><MatchAll></a></code>.</div>
<h3>See also</h3>
<ul>
<li><a href="../howto/auth.html">Authentication, Authorization,
and Access Control</a></li>
+<li><code class="module"><a href="../mod/mod_authn_core.html">mod_authn_core</a></code></li>
+<li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
</ul>
</div>
</div>
</ul><h3>See also</h3>
<ul class="seealso">
<li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
-<li>
- <code class="directive"><a href="../mod/mod_authz_core.html#authzmergerules">AuthzMergeRules</a></code>
-</li>
<li>
<code class="directive"><a href="../mod/mod_authn_dbd.html#authdbduserpwquery">AuthDBDUserPWQuery</a></code>
</li>
"SELECT password FROM authn WHERE user = %s AND login = 'true'"
# mod_authz_core configuration for mod_authz_dbd
- AuthzMergeRules Off
Require dbd-group team
# mod_authz_dbd configuration
"SELECT password FROM authn WHERE user = %s"
# dbd-login action executes a statement to log user in
- AuthzMergeRules Off
Require dbd-login
AuthzDBDQuery \
"UPDATE authn SET login = 'true' WHERE user = %s"
<Files logout.html>
# dbd-logout action executes a statement to log user out
- AuthzMergeRules Off
Require dbd-logout
AuthzDBDQuery \
"UPDATE authn SET login = 'false' WHERE user = %s"
+++ /dev/null
-# GENERATED FROM XML -- DO NOT EDIT
-
-URI: mod_authz_default.html.en
-Content-Language: en
-Content-type: text/html; charset=ISO-8859-1
-
-URI: mod_authz_default.html.ja.utf8
-Content-Language: ja
-Content-type: text/html; charset=UTF-8
-
-URI: mod_authz_default.html.ko.euc-kr
-Content-Language: ko
-Content-type: text/html; charset=EUC-KR
+++ /dev/null
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authz_default - Apache HTTP Server</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
-<p class="apache">Apache HTTP Server Version 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.3</a> > <a href="./">Modules</a></div>
-<div id="page-content">
-<div id="preamble"><h1>Apache Module mod_authz_default</h1>
-<div class="toplang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_authz_default.html" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Authorization fallback module</td></tr>
-<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>authz_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_authz_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table>
-<h3>Summary</h3>
-
- <p>This module is designed to be the fallback module, if you don't
- have configured an authorization module like
- <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> or <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.
- It simply rejects any authorization request.</p>
-</div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDefaultAuthoritative" id="AuthzDefaultAuthoritative">AuthzDefaultAuthoritative</a> <a name="authzdefaultauthoritative" id="authzdefaultauthoritative">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether authorization is passed to lower level
-modules</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthzDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_default</td></tr>
-</table>
- <p>Setting the <code class="directive">AuthzDefaultAuthoritative</code> directive
- explicitly to <code>Off</code> allows for authorization to be passed on
- to lower level modules (as defined in the <code>modules.c</code>
- files).</p>
-
- <div class="note"><h3>Note</h3>
- <p>Normally there are no lower level modules, since
- <code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> is defined to be already on
- a <em>very low</em> level. Therefore you should leave the value of
- <code class="directive">AuthzDefaultAuthoritative</code> as default
- (<code>On</code>).</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_authz_default.html" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authz_default - Apache HTTP サーバ</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">モジュール</a> | <a href="../mod/directives.html">ディレクティブ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">用語</a> | <a href="../sitemap.html">サイトマップ</a></p>
-<p class="apache">Apache HTTP サーバ バージョン 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP サーバ</a> > <a href="http://httpd.apache.org/docs/">ドキュメンテーション</a> > <a href="../">バージョン
- 2.3</a> > <a href="./">モジュール</a></div>
-<div id="page-content">
-<div id="preamble"><h1>Apache モジュール mod_authz_default</h1>
-<div class="toplang">
-<p><span>言語: </span><a href="../en/mod/mod_authz_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">説明:</a></th><td>承認フォールバックモジュール</td></tr>
-<tr><th><a href="module-dict.html#Status">ステータス:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">モジュール識別子:</a></th><td>authz_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">ソースファイル:</a></th><td>mod_authz_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">互換性:</a></th><td>Apache 2.1 以降</td></tr></table>
-<h3>概要</h3>
-
- <p>このモジュールは <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code> や
- <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> といった承認モジュールを
- 設定しなかった場合のフォールバックモジュールとして設計されています。
- どのような承認リクエストも単に拒否します。</p>
-</div>
-<div id="quickview"><h3 class="directives">ディレクティブ</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDefaultAuthoritative" id="AuthzDefaultAuthoritative">AuthzDefaultAuthoritative</a> <a name="authzdefaultauthoritative" id="authzdefaultauthoritative">ディレクティブ</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>承認が低位のモジュールに渡されるかどうかを設定する</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>AuthzDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">デフォルト:</a></th><td><code>AuthzDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">コンテキスト:</a></th><td>ディレクトリ, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">上書き:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">ステータス:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td>mod_authz_default</td></tr>
-</table>
- <p><code class="directive">AuthzDefaultAuthoritative</code> ディレクティブを
- 明示的に <code>Off</code> に設定すると
- 認証を次の (<code>modules.c</code> ファイルで定義されている)
- 低位のモジュールに渡すことを許可します。</p>
-
- <div class="note"><h3>注意</h3>
- <p><code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code> 自体が<em>とても低い</em>
- レベルとして定義されていますので、通常はこれよりも低次の
- モジュールは存在しません。ですから
- <code class="directive">AuthDefaultAuthoritative</code> はデフォルト
- (<code>On</code>) のままにしたほうが良いでしょう。</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>言語: </span><a href="../en/mod/mod_authz_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">モジュール</a> | <a href="../mod/directives.html">ディレクティブ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">用語</a> | <a href="../sitemap.html">サイトマップ</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="EUC-KR"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!--
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- This file is generated from xml source: DO NOT EDIT
- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- -->
-<title>mod_authz_default - Apache HTTP Server</title>
-<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
-<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
-<link href="../images/favicon.ico" rel="shortcut icon" /></head>
-<body>
-<div id="page-header">
-<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p>
-<p class="apache">Apache HTTP Server Version 2.3</p>
-<img alt="" src="../images/feather.gif" /></div>
-<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
-<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.3</a> > <a href="./">¸ðµâ</a></div>
-<div id="page-content">
-<div id="preamble"><h1>¾ÆÆÄÄ¡ ¸ðµâ mod_authz_default</h1>
-<div class="toplang">
-<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/mod/mod_authz_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" title="Korean"> ko </a></p>
-</div>
-<table class="module"><tr><th><a href="module-dict.html#Description">¼³¸í:</a></th><td>ÃÖÈÄ ±ÇÇѺο©¸ðµâ</td></tr>
-<tr><th><a href="module-dict.html#Status">»óÅÂ:</a></th><td>Base</td></tr>
-<tr><th><a href="module-dict.html#ModuleIdentifier">¸ðµâ¸í:</a></th><td>authz_default_module</td></tr>
-<tr><th><a href="module-dict.html#SourceFile">¼Ò½ºÆÄÀÏ:</a></th><td>mod_authz_default.c</td></tr>
-<tr><th><a href="module-dict.html#Compatibility">Áö¿ø:</a></th><td>¾ÆÆÄÄ¡ 2.1 ÀÌÈĺÎÅÍ</td></tr></table>
-<h3>¿ä¾à</h3>
-
- <p>ÀÌ ¸ðµâÀº <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>³ª
- <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>¿Í °°Àº ±ÇÇѺο©¸ðµâÀ»
- ¼³Á¤ÇÏÁö¾ÊÀº ÃÖÈÄÀÇ °æ¿ì ´ë½Å »ç¿ëÇÑ´Ù. ÀÌ ¸ðµâÀº ¸ðµç ±ÇÇѺο©
- ¿äûÀ» °ÅºÎÇÑ´Ù.</p>
-</div>
-<div id="quickview"><h3 class="directives">Áö½Ã¾îµé</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdefaultauthoritative">AuthzDefaultAuthoritative</a></li>
-</ul>
-</div>
-
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDefaultAuthoritative" id="AuthzDefaultAuthoritative">AuthzDefaultAuthoritative</a> <a name="authzdefaultauthoritative" id="authzdefaultauthoritative">Áö½Ã¾î</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">¼³¸í:</a></th><td>±ÇÇѺο©¸¦ Àú¼öÁØ ¸ðµâ·Î ³Ñ°ÜÁÙÁö ¿©ºÎ</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">¹®¹ý:</a></th><td><code>AuthzDefaultAuthoritative On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">±âº»°ª:</a></th><td><code>AuthzDefaultAuthoritative On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">»ç¿ëÀå¼Ò:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override ¿É¼Ç:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">»óÅÂ:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">¸ðµâ:</a></th><td>mod_authz_default</td></tr>
-</table>
- <p><code class="directive">AuthzDefaultAuthoritative</code> Áö½Ã¾î¸¦
- Á÷Á¢ <code>Off</code>·Î ¼³Á¤Çϸé (<code>modules.c</code>
- ÆÄÀÏ¿¡¼ Á¤ÀÇÇÑ) Àú¼öÁØ ¸ðµâ·Î ±ÇÇѺο©¸¦ ³Ñ°ÜÁØ´Ù.</p>
-
- <div class="note"><h3>ÁÖÀÇ</h3>
- <p><code class="module"><a href="../mod/mod_authz_default.html">mod_authz_default</a></code>°¡ ÀÌ¹Ì <em>¸Å¿ì
- Àú¼öÁØ</em>À¸·Î Á¤ÀǵÇÀֱ⠶§¹®¿¡ º¸Åë ´õ ³·Àº ¸ðµâÀÌ
- ¾ø´Ù. ±×·¯¹Ç·Î
- <code class="directive">AuthzDefaultAuthoritative</code>¸¦
- ±âº»°ª(<code>On</code>)À¸·Î ³²°ÜµÖ¾ß ÇÑ´Ù.</p>
- </div>
-
-</div>
-</div>
-<div class="bottomlang">
-<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/mod/mod_authz_default.html" hreflang="en" rel="alternate" title="English"> en </a> |
-<a href="../ja/mod/mod_authz_default.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
-<a href="../ko/mod/mod_authz_default.html" title="Korean"> ko </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div>
-</body></html>
\ No newline at end of file
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
-<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 420990 -->
-
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<modulesynopsis metafile="mod_authz_default.xml.meta">
-
-<name>mod_authz_default</name>
-<description>承認フォールバックモジュール</description>
-<status>Base</status>
-<sourcefile>mod_authz_default.c</sourcefile>
-<identifier>authz_default_module</identifier>
-<compatibility>Apache 2.1 以降</compatibility>
-
-<summary>
- <p>このモジュールは <module>mod_authz_user</module> や
- <module>mod_authz_groupfile</module> といった承認モジュールを
- 設定しなかった場合のフォールバックモジュールとして設計されています。
- どのような承認リクエストも単に拒否します。</p>
-</summary>
-
-<directivesynopsis>
-<name>AuthzDefaultAuthoritative</name>
-<description>承認が低位のモジュールに渡されるかどうかを設定する</description>
-<syntax>AuthzDefaultAuthoritative On|Off</syntax>
-<default>AuthzDefaultAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
- <p><directive>AuthzDefaultAuthoritative</directive> ディレクティブを
- 明示的に <code>Off</code> に設定すると
- 認証を次の (<code>modules.c</code> ファイルで定義されている)
- 低位のモジュールに渡すことを許可します。</p>
-
- <note><title>注意</title>
- <p><module>mod_authz_default</module> 自体が<em>とても低い</em>
- レベルとして定義されていますので、通常はこれよりも低次の
- モジュールは存在しません。ですから
- <directive>AuthDefaultAuthoritative</directive> はデフォルト
- (<code>On</code>) のままにしたほうが良いでしょう。</p>
- </note>
-</usage>
-</directivesynopsis>
-
-</modulesynopsis>
+++ /dev/null
-<?xml version="1.0" encoding="EUC-KR" ?>
-<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
-<?xml-stylesheet type="text/xsl" href="../style/manual.ko.xsl"?>
-<!-- English Revision: 420990 -->
-
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<modulesynopsis metafile="mod_authz_default.xml.meta">
-
-<name>mod_authz_default</name>
-<description>ÃÖÈÄ ±ÇÇѺο©¸ðµâ</description>
-<status>Base</status>
-<sourcefile>mod_authz_default.c</sourcefile>
-<identifier>authz_default_module</identifier>
-<compatibility>¾ÆÆÄÄ¡ 2.1 ÀÌÈĺÎÅÍ</compatibility>
-
-<summary>
- <p>ÀÌ ¸ðµâÀº <module>mod_authz_user</module>³ª
- <module>mod_authz_groupfile</module>¿Í °°Àº ±ÇÇѺο©¸ðµâÀ»
- ¼³Á¤ÇÏÁö¾ÊÀº ÃÖÈÄÀÇ °æ¿ì ´ë½Å »ç¿ëÇÑ´Ù. ÀÌ ¸ðµâÀº ¸ðµç ±ÇÇѺο©
- ¿äûÀ» °ÅºÎÇÑ´Ù.</p>
-</summary>
-
-<directivesynopsis>
-<name>AuthzDefaultAuthoritative</name>
-<description>±ÇÇѺο©¸¦ Àú¼öÁØ ¸ðµâ·Î ³Ñ°ÜÁÙÁö ¿©ºÎ</description>
-<syntax>AuthzDefaultAuthoritative On|Off</syntax>
-<default>AuthzDefaultAuthoritative On</default>
-<contextlist><context>directory</context><context>.htaccess</context>
-</contextlist>
-<override>AuthConfig</override>
-
-<usage>
- <p><directive>AuthzDefaultAuthoritative</directive> Áö½Ã¾î¸¦
- Á÷Á¢ <code>Off</code>·Î ¼³Á¤Çϸé (<code>modules.c</code>
- ÆÄÀÏ¿¡¼ Á¤ÀÇÇÑ) Àú¼öÁØ ¸ðµâ·Î ±ÇÇѺο©¸¦ ³Ñ°ÜÁØ´Ù.</p>
-
- <note><title>ÁÖÀÇ</title>
- <p><module>mod_authz_default</module>°¡ ÀÌ¹Ì <em>¸Å¿ì
- Àú¼öÁØ</em>À¸·Î Á¤ÀǵÇÀֱ⠶§¹®¿¡ º¸Åë ´õ ³·Àº ¸ðµâÀÌ
- ¾ø´Ù. ±×·¯¹Ç·Î
- <directive>AuthzDefaultAuthoritative</directive>¸¦
- ±âº»°ª(<code>On</code>)À¸·Î ³²°ÜµÖ¾ß ÇÑ´Ù.</p>
- </note>
-</usage>
-</directivesynopsis>
-
-</modulesynopsis>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8" ?>
-<!-- GENERATED FROM XML: DO NOT EDIT -->
-
-<metafile>
- <basename>mod_authz_default</basename>
- <path>/mod/</path>
- <relpath>..</relpath>
-
- <variants>
- <variant>en</variant>
- <variant>ja</variant>
- <variant>ko</variant>
- </variants>
-</metafile>
<p>The authorization providers implemented by <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code> are
registered using the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> or
- <code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code> directives. These
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives. These
directives can be referenced within a
<code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>,
<code class="directive"><a href="../mod/core.html#files"><Files></a></code>,
<li><a href="../howto/auth.html">Authentication, Authorization,
and Access Control</a></li>
<li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
-<li><code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code></li>
+<li><code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
<p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> and
- <code class="directive"><a href="../mod/mod_authz_core.html#reject">Reject</a></code> directives are
+ <code class="directive"><a href="../mod/mod_authz_core.html#match">Match</a></code> directives are
used during the authorization phase to ensure that a user is allowed or
denied access to a resource. mod_authz_host extends the
authorization types with <code>env</code>, <code>ip</code>,
store passwords</td></tr>
<tr><td><a href="mod_authn_dbm.html#authdbmuserfile">AuthDBMUserFile <var>file-path</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the name of a database file containing the list of users and
passwords for authentication</td></tr>
-<tr class="odd"><td><a href="mod_authn_default.html#authdefaultauthoritative">AuthDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authentication is passed to lower level
-modules</td></tr>
-<tr><td><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm MD5|MD5-sess</a></td><td> MD5 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Selects the algorithm used to calculate the challenge and
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestalgorithm">AuthDigestAlgorithm MD5|MD5-sess</a></td><td> MD5 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Selects the algorithm used to calculate the challenge and
response hashes in digest authentication</td></tr>
-<tr class="odd"><td><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">URIs that are in the same protection space for digest
+<tr><td><a href="mod_auth_digest.html#authdigestdomain">AuthDigestDomain <var>URI</var> [<var>URI</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">URIs that are in the same protection space for digest
authentication</td></tr>
-<tr><td><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables checking of the nonce-count sent by the
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestnccheck">AuthDigestNcCheck On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables checking of the nonce-count sent by the
server</td></tr>
-<tr class="odd"><td><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat <var>format</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines how the nonce is generated</td></tr>
-<tr><td><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime <var>seconds</var></a></td><td> 300 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">How long the server nonce is valid</td></tr>
-<tr
class="odd"><td><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider <var>provider-name</var>
-[<var>provider-name</var>] ...</a></td><td> file </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
-<tr><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
+<tr><td><a href="mod_auth_digest.html#authdigestnonceformat">AuthDigestNonceFormat <var>format</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Determines how the nonce is generated</td></tr>
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestnoncelifetime">AuthDigestNonceLifetime <var>seconds</var></a></td><td> 300 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">How long the server nonce is valid</td></tr>
+<tr><td><a href="mod_auth_digest.html#authdigestprovider">AuthDigestProvider <var>provider-name</var>
+[<var>provider-name</var>] ...</a></td><td> file </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
+<tr class="odd"><td><a href="mod_auth_digest.html#authdigestqop">AuthDigestQop none|auth|auth-int [auth|auth-int]</a></td><td> auth </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the quality-of-protection to use in digest
authentication</td></tr>
-<tr class="odd"><td><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize <var>size</var></a></td><td> 1000 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The amount of shared memory to allocate for keeping track
+<tr><td><a href="mod_auth_digest.html#authdigestshmemsize">AuthDigestShmemSize <var>size</var></a></td><td> 1000 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The amount of shared memory to allocate for keeping track
of clients</td></tr>
-<tr><td><a href="mod_auth_form.html#authformauthoritative">AuthFormAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets whether authorization and authentication are passed to
+<tr class="odd"><td><a href="mod_auth_form.html#authformauthoritative">AuthFormAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization and authentication are passed to
lower level modules</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformbody">AuthFormBody <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying the body of the request to attempt on successful login</td></tr>
-<tr><td><a href="mod_auth_form.html#authformdisablenostore">AuthFormDisableNoStore <var>On|Off</var></a></td><td> Off </td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">Disable the CacheControl no-store header on the login page</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformfakebasicauth">AuthFormFakeBasicAuth <var>On|Off</var></a></td><td> Off </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Fake a Basic Authentication header</td></tr>
-<tr><td><a href="mod_auth_form.html#authformlocation">AuthFormLocation <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying a URL to redirect to on successful login</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformloginrequiredlocation">AuthFormLoginRequiredLocation <var>url</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The URL of the page to be redirected to should login be required</td></tr>
-<tr><td><a href="mod_auth_form.html#authformloginsuccesslocation">AuthFormLoginSuccessLocation <var>url</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The URL of the page to be redirected to should login be successful</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformlogoutlocation">AuthFormLogoutLocation <var>uri</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The URL to redirect to after a user has logged out</td></tr>
-<tr><td><a href="mod_auth_form.html#authformmethod">AuthFormMethod <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying the method of the request to attempt on successful login</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformmimetype">AuthFormMimetype <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying the mimetype of the body of the request to attempt on successful login</td></tr>
-<tr><td><a href="mod_auth_form.html#authformpassword">AuthFormPassword <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying the login password</td></tr>
-<tr
class="odd"><td><a href="mod_auth_form.html#authformprovider">AuthFormProvider <var>provider-name</var>
-[<var>provider-name</var>] ...</a></td><td> file </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
-<tr><td><a href="mod_auth_form.html#authformsitepassphrase">AuthFormSitePassphrase <var>secret</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">Bypass authentication checks for high traffic sites</td></tr>
-<tr class="odd"><td><a href="mod_auth_form.html#authformsize">AuthFormBody <var>size</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The largest size of the form in bytes that will be parsed for the login details</td></tr>
-<tr><td><a href="mod_auth_form.html#authformusername">AuthFormUsername <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying the login username</td></tr>
-<tr class="odd"><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <var>file-path</var></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list
+<tr><td><a href="mod_auth_form.html#authformbody">AuthFormBody <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying the body of the request to attempt on successful login</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformdisablenostore">AuthFormDisableNoStore <var>On|Off</var></a></td><td> Off </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Disable the CacheControl no-store header on the login page</td></tr>
+<tr><td><a href="mod_auth_form.html#authformfakebasicauth">AuthFormFakeBasicAuth <var>On|Off</var></a></td><td> Off </td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">Fake a Basic Authentication header</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformlocation">AuthFormLocation <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying a URL to redirect to on successful login</td></tr>
+<tr><td><a href="mod_auth_form.html#authformloginrequiredlocation">AuthFormLoginRequiredLocation <var>url</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The URL of the page to be redirected to should login be required</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformloginsuccesslocation">AuthFormLoginSuccessLocation <var>url</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The URL of the page to be redirected to should login be successful</td></tr>
+<tr><td><a href="mod_auth_form.html#authformlogoutlocation">AuthFormLogoutLocation <var>uri</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The URL to redirect to after a user has logged out</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformmethod">AuthFormMethod <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying the method of the request to attempt on successful login</td></tr>
+<tr><td><a href="mod_auth_form.html#authformmimetype">AuthFormMimetype <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The name of a form field carrying the mimetype of the body of the request to attempt on successful login</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformpassword">AuthFormPassword <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying the login password</td></tr>
+<tr><td><a href="mod_auth_form.html#authformprovider">AuthFormProvider <var>provider-name</var>
+[<var>provider-name</var>] ...</a></td><td> file </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the authentication provider(s) for this location</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformsitepassphrase">AuthFormSitePassphrase <var>secret</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Bypass authentication checks for high traffic sites</td></tr>
+<tr><td><a href="mod_auth_form.html#authformsize">AuthFormBody <var>size</var></a></td><td></td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">The largest size of the form in bytes that will be parsed for the login details</td></tr>
+<tr class="odd"><td><a href="mod_auth_form.html#authformusername">AuthFormUsername <var>fieldname</var></a></td><td></td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The name of a form field carrying the login username</td></tr>
+<tr><td><a href="mod_authz_groupfile.html#authgroupfile">AuthGroupFile <var>file-path</var></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list
of user groups for authorization</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapbinddn">AuthLDAPBindDN <em>distinguished-name</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Optional DN to use in binding to the LDAP server</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapbindpassword">AuthLDAPBindPassword <em>password</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Password used in conjuction with the bind DN</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapcharsetconfig">AuthLDAPCharsetConfig <em>file-path</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Language to charset conversion configuration file</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapcomparednonserver">AuthLDAPCompareDNOnServer on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use the LDAP server to compare the DNs</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapdereferencealiases">AuthLDAPDereferenceAliases never|searching|finding|always</a></td><td> always </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">When will the module de-reference aliases</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapgroupattribute">AuthLDAPGroupAttribute <em>attribute</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">LDAP attributes used to identify the user members of
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapbinddn">AuthLDAPBindDN <em>distinguished-name</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Optional DN to use in binding to the LDAP server</td></tr>
+<tr><td><a href="mod_authnz_ldap.html#authldapbindpassword">AuthLDAPBindPassword <em>password</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Password used in conjuction with the bind DN</td></tr>
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapcharsetconfig">AuthLDAPCharsetConfig <em>file-path</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Language to charset conversion configuration file</td></tr>
+<tr><td><a href="mod_authnz_ldap.html#authldapcomparednonserver">AuthLDAPCompareDNOnServer on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Use the LDAP server to compare the DNs</td></tr>
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapdereferencealiases">AuthLDAPDereferenceAliases never|searching|finding|always</a></td><td> always </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">When will the module de-reference aliases</td></tr>
+<tr><td><a href="mod_authnz_ldap.html#authldapgroupattribute">AuthLDAPGroupAttribute <em>attribute</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">LDAP attributes used to identify the user members of
groups.</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Use the DN of the client username when checking for
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN on|off</a></td><td> on </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use the DN of the client username when checking for
group membership</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth <var>Number</var></a></td><td> 10 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum sub-group nesting depth that will be
+<tr><td><a href="mod_authnz_ldap.html#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth <var>Number</var></a></td><td> 10 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies the maximum sub-group nesting depth that will be
evaluated before the user search is discontinued.</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapremoteuserattribute">AuthLDAPRemoteUserAttribute uid</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Use the value of the attribute returned during the user
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapremoteuserattribute">AuthLDAPRemoteUserAttribute uid</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use the value of the attribute returned during the user
query to set the REMOTE_USER environment variable</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapremoteuserisdn">AuthLDAPRemoteUserIsDN on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use the DN of the client username to set the REMOTE_USER
+<tr><td><a href="mod_authnz_ldap.html#authldapremoteuserisdn">AuthLDAPRemoteUserIsDN on|off</a></td><td> off </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Use the DN of the client username to set the REMOTE_USER
environment variable</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapsubgroupattribute">AuthLDAPSubGroupAttribute <em>attribute</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies the attribute labels, one value per
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapsubgroupattribute">AuthLDAPSubGroupAttribute <em>attribute</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the attribute labels, one value per
directive line, used to distinguish the members of the current group that
are groups.</td></tr>
-<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapsubgroupclass">AuthLDAPSubGroupClass <em>LdapObjectClass</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies which LDAP objectClass values identify directory
+<tr><td><a href="mod_authnz_ldap.html#authldapsubgroupclass">AuthLDAPSubGroupClass <em>LdapObjectClass</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies which LDAP objectClass values identify directory
objects that are groups during sub-group processing.</td></tr>
-<tr><td><a href="mod_authnz_ldap.html#authldapurl">AuthLDAPUrl <em>url [NONE|SSL|TLS|STARTTLS]</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">URL specifying the LDAP search parameters</td></tr>
-<tr class="odd"><td><a href="mod_authn_core.html#authname">AuthName <var>auth-domain</var></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Authorization realm for use in HTTP
+<tr class="odd"><td><a href="mod_authnz_ldap.html#authldapurl">AuthLDAPUrl <em>url [NONE|SSL|TLS|STARTTLS]</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">URL specifying the LDAP search parameters</td></tr>
+<tr><td><a href="mod_authn_core.html#authname">AuthName <var>auth-domain</var></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Authorization realm for use in HTTP
authentication</td></tr>
-<tr><td><a href="mod_authn_core.html#authnprovideralias"><AuthnProviderAlias <var>baseProvider Alias</var>>
-... </AuthnProviderAlias></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of directives that represent an
+<tr
class="odd"><td><a href="mod_authn_core.html#authnprovideralias"><AuthnProviderAlias <var>baseProvider Alias</var>>
+... </AuthnProviderAlias></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of directives that represent an
extension of a base authentication provider and referenced by
the specified alias</td></tr>
-<tr class="odd"><td><a href="mod_authn_core.html#authtype">AuthType None|Basic|Digest|Form</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Type of user authentication</td></tr>
-<tr><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <var>file-path</var></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
+<tr><td><a href="mod_authn_core.html#authtype">AuthType None|Basic|Digest|Form</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Type of user authentication</td></tr>
+<tr class="odd"><td><a href="mod_authn_file.html#authuserfile">AuthUserFile <var>file-path</var></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the name of a text file containing the list of users and
passwords for authentication</td></tr>
-<tr class="odd"><td><a href="mod_authz_dbd.html#authzdbdlogintoreferer">AuthzDBDLoginToReferer On|Off</a></td><td> Off </td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether to redirect the Client to the Referring
+<tr><td><a href="mod_authz_dbd.html#authzdbdlogintoreferer">AuthzDBDLoginToReferer On|Off</a></td><td> Off </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Determines whether to redirect the Client to the Referring
page on successful login or logout if a <code>Referer</code> request
header is present</td></tr>
-<tr><td><a href="mod_authz_dbd.html#authzdbdquery">AuthzDBDQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Specify the SQL Query for the required operation</td></tr>
-<tr class="odd"><td><a href="mod_authz_dbd.html#authzdbdredirectquery">AuthzDBDRedirectQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specify a query to look up a login page for the user</td></tr>
-<tr><td><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the type of database file that is used to
+<tr class="odd"><td><a href="mod_authz_dbd.html#authzdbdquery">AuthzDBDQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specify the SQL Query for the required operation</td></tr>
+<tr><td><a href="mod_authz_dbd.html#authzdbdredirectquery">AuthzDBDRedirectQuery <var>query</var></a></td><td></td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Specify a query to look up a login page for the user</td></tr>
+<tr class="odd"><td><a href="mod_authz_dbm.html#authzdbmtype">AuthzDBMType default|SDBM|GDBM|NDBM|DB</a></td><td> default </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the type of database file that is used to
store list of user groups</td></tr>
-<tr class="odd"><td><a href="mod_authz_default.html#authzdefaultauthoritative">AuthzDefaultAuthoritative On|Off</a></td><td> On </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets whether authorization is passed to lower level
-modules</td></tr>
-<tr><td><a href="mod_authz_core.html#authzmergerules">AuthzMergeRules on | off</a></td><td> on </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Set to 'on' to allow the parent's <Directory> or <Location>
-authz rules to be merged into the current <Directory> or <Location>.
-Set to 'off' to disable merging. If set to 'off', only the authz rules defined in
-the current <Directory> or <Location> block will apply.</td></tr>
+<tr><td><a href="mod_authz_core.html#authzprovideralias"><AuthzProviderAlias <var>baseProvider Alias Require-Parameters</var>>
+... </AuthzProviderAlias>
+</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of directives that represent an
+extension of a base authorization provider and referenced by the specified
+alias</td></tr>
<tr class="odd"><td><a href="mod_proxy.html#balancermember" id="B" name="B">BalancerMember <var>url</var> [<var>key=value [key=value ...]]</var></a></td><td></td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Add a member to a load balancing group</td></tr>
<tr><td><a href="mod_setenvif.html#browsermatch">BrowserMatch <em>regex [!]env-variable</em>[=<em>value</em>]
[[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables conditional on HTTP User-Agent
<tr><td><a href="mod_log_config.html#logformat">LogFormat <var>format</var>|<var>nickname</var>
[<var>nickname</var>]</a></td><td> "%h %l %u %t \"%r\" +</td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Describes a format for use in a log file</td></tr>
<tr class="odd"><td><a href="core.html#loglevel">LogLevel <var>level</var></a></td><td> warn </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the verbosity of the ErrorLog</td></tr>
-<tr><td><a href="mpm_common.html#maxclients" id="M" name="M">MaxClients <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of connections that will be processed
+<tr><td><a href="mod_authz_core.html#match" id="M" name="M">Match [not] <var>entity-name</var>
+[<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+an authorization provider.</td></tr>
+<tr class="odd"><td><a href="mod_authz_core.html#matchall"><MatchAll>
+... </MatchAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+must fail and at least one must succeed for the enclosing directive to
+succeed.</td></tr>
+<tr><td><a href="mod_authz_core.html#matchany"><MatchAny>
+... </MatchAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+must succeed for the enclosing directive to succeed.</td></tr>
+<tr class="odd"><td><a href="mod_authz_core.html#matchnotall"><MatchNotAll>
+... </MatchNotAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which some
+must fail or none must succeed for the enclosing directive to
+not fail.</td></tr>
+<tr><td><a href="mod_authz_core.html#matchnotany"><MatchNotAny>
+... </MatchNotAny></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+none must succeed for the enclosing directive to not fail.</td></tr>
+<tr class="odd"><td><a href="mpm_common.html#maxclients">MaxClients <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of connections that will be processed
simultaneously</td></tr>
-<tr class="odd"><td><a href="core.html#maxkeepaliverequests">MaxKeepAliveRequests <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Number of requests allowed on a persistent
+<tr><td><a href="core.html#maxkeepaliverequests">MaxKeepAliveRequests <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Number of requests allowed on a persistent
connection</td></tr>
-<tr><td><a href="mpm_common.html#maxmemfree">MaxMemFree <var>KBytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum amount of memory that the main allocator is allowed
+<tr class="odd"><td><a href="mpm_common.html#maxmemfree">MaxMemFree <var>KBytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of memory that the main allocator is allowed
to hold without calling <code>free()</code></td></tr>
-<tr class="odd"><td><a href="mpm_common.html#maxrequestsperchild">MaxRequestsPerChild <var>number</var></a></td><td> 10000 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Limit on the number of requests that an individual child server
+<tr><td><a href="mpm_common.html#maxrequestsperchild">MaxRequestsPerChild <var>number</var></a></td><td> 10000 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Limit on the number of requests that an individual child server
will handle during its life</td></tr>
-<tr><td><a href="beos.html#maxrequestsperthread">MaxRequestsPerThread <var>number</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Limit on the number of requests that an individual thread
+<tr class="odd"><td><a href="beos.html#maxrequestsperthread">MaxRequestsPerThread <var>number</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Limit on the number of requests that an individual thread
will handle during its life</td></tr>
-<tr class="odd"><td><a href="prefork.html#maxspareservers">MaxSpareServers <var>number</var></a></td><td> 10 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of idle child server processes</td></tr>
-<tr><td><a href="mpm_common.html#maxsparethreads">MaxSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of idle threads</td></tr>
-<tr class="odd"><td><a href="mpm_netware.html#maxthreads">MaxThreads <var>number</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum number of worker threads</td></tr>
-<tr><td><a href="perchild.html#maxthreadsperchild">MaxThreadsPerChild <var>number</var></a></td><td> 64 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of threads per child process</td></tr>
-<tr class="odd"><td><a href="mod_mem_cache.html#mcachemaxobjectcount">MCacheMaxObjectCount <var>value</var></a></td><td> 1009 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The maximum number of objects allowed to be placed in the
+<tr><td><a href="prefork.html#maxspareservers">MaxSpareServers <var>number</var></a></td><td> 10 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of idle child server processes</td></tr>
+<tr class="odd"><td><a href="mpm_common.html#maxsparethreads">MaxSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of idle threads</td></tr>
+<tr><td><a href="mpm_netware.html#maxthreads">MaxThreads <var>number</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Set the maximum number of worker threads</td></tr>
+<tr class="odd"><td><a href="perchild.html#maxthreadsperchild">MaxThreadsPerChild <var>number</var></a></td><td> 64 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of threads per child process</td></tr>
+<tr><td><a href="mod_mem_cache.html#mcachemaxobjectcount">MCacheMaxObjectCount <var>value</var></a></td><td> 1009 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The maximum number of objects allowed to be placed in the
cache</td></tr>
-<tr><td><a href="mod_mem_cache.html#mcachemaxobjectsize">MCacheMaxObjectSize <var>bytes</var></a></td><td> 10000 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The maximum size (in bytes) of a document allowed in the
+<tr class="odd"><td><a href="mod_mem_cache.html#mcachemaxobjectsize">MCacheMaxObjectSize <var>bytes</var></a></td><td> 10000 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The maximum size (in bytes) of a document allowed in the
cache</td></tr>
-<tr class="odd"><td><a href="mod_mem_cache.html#mcachemaxstreamingbuffer">MCacheMaxStreamingBuffer <var>size_in_bytes</var></a></td><td> the smaller of 1000 +</td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of a streamed response to buffer in memory
+<tr><td><a href="mod_mem_cache.html#mcachemaxstreamingbuffer">MCacheMaxStreamingBuffer <var>size_in_bytes</var></a></td><td> the smaller of 1000 +</td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum amount of a streamed response to buffer in memory
before declaring the response uncacheable</td></tr>
-<tr><td><a href="mod_mem_cache.html#mcacheminobjectsize">MCacheMinObjectSize <var>bytes</var></a></td><td> 1 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The minimum size (in bytes) of a document to be allowed in the
+<tr class="odd"><td><a href="mod_mem_cache.html#mcacheminobjectsize">MCacheMinObjectSize <var>bytes</var></a></td><td> 1 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The minimum size (in bytes) of a document to be allowed in the
cache</td></tr>
-<tr class="odd"><td><a href="mod_mem_cache.html#mcacheremovalalgorithm">MCacheRemovalAlgorithm LRU|GDSF</a></td><td> GDSF </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The algorithm used to select documents for removal from the
+<tr><td><a href="mod_mem_cache.html#mcacheremovalalgorithm">MCacheRemovalAlgorithm LRU|GDSF</a></td><td> GDSF </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The algorithm used to select documents for removal from the
cache</td></tr>
-<tr><td><a href="mod_mem_cache.html#mcachesize">MCacheSize <var>KBytes</var></a></td><td> 100 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">The maximum amount of memory used by the cache in
+<tr class="odd"><td><a href="mod_mem_cache.html#mcachesize">MCacheSize <var>KBytes</var></a></td><td> 100 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The maximum amount of memory used by the cache in
KBytes</td></tr>
+<tr><td><a href="mod_authz_core.html#mergeauthz">MergeAuthz Off | MatchAll | MatchAny</a></td><td> Off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls the manner in which each configuration section's
+authorization logic is combined with that of preceding configuration
+sections.</td></tr>
<tr class="odd"><td><a href="mod_cern_meta.html#metadir">MetaDir <var>directory</var></a></td><td> .web </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the directory to find CERN-style meta information
files</td></tr>
<tr><td><a href="mod_cern_meta.html#metafiles">MetaFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Activates CERN meta-file processing</td></tr>
a different URL</td></tr>
<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
a different URL</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#reject">Reject <var>entity-name</var> [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Rejects authenticated users or host based
-requests from accessing a resource</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
extensions</td></tr>
-<tr
class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr
class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
extensions</td></tr>
-<tr
class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr
class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
extensions</td></tr>
-<tr
class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr
class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader set|append|merge|add|unset|edit <var>header</var>
-[<var>value</var>] [<var>replacement</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_authz_core.html#require">Require <var>entity-name</var> [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Selects which authenticated users can access
-a resource</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requirealias"><RequireAlias <var>baseProvider Alias Require-Parameters</var>>
-... </RequireAlias>
-</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of directives that represent an
-extension of a base authorization provider and referenced by the specified
-alias</td></tr>
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader set|append|merge|add|unset|edit <var>header</var>
+[<var>value</var>] [<var>replacement</var>] [early|env=[!]<var>variable</var>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_authz_core.html#require">Require <var>entity-name</var> [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+an authorization provider.</td></tr>
<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
<em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
processes launched by Apache children</td></tr>
<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
user authentication</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#satisfyall"><SatisfyAll>
-... </SatisfyAll></a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives that must all
-be satisfied in order to grant access to a resource. This block allows
-for 'AND' logic to be applied to various authorization providers.</td></tr>
-<tr><td><a href="mod_authz_core.html#satisfyone"><SatisfyOne>
-... </SatisfyOne></a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives that must
-satisfy at least one in order to grant access to a resource. This
-block allows for 'OR' logic to be applied to various authorization
-providers.</td></tr>
<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_status </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
the child processes</td></tr>
<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
console. The user can thus be alerted to misconfiguration problems
before the core <code>open_logs</code> hook function redirects
console output to the error log.</dd>
- <dt>Expression Parser Added</dt>
- <dd>We now have a general-purpose expression parser, whose API is
- exposed in <var>ap_expr.h</var>. This is adapted from the
- expression parser previously implemented in
- <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</dd>
+
+ <dt>Expression Parser Added</dt>
+
+ <dd>We now have a general-purpose expression parser, whose API is
+ exposed in <var>ap_expr.h</var>. This is adapted from the
+ expression parser previously implemented in
+ <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>.</dd>
+
+ <dt>Authorization Logic Containers</dt>
+
+ <dd>Advanced authorization logic may now be specified using the
+ <code class="directive"><a href="./mod/mod_authz_core.html#match">Match</a></code> directive
+ and the related container directives, such as
+ <code class="directive"><a href="./mod/mod_authz_core.html#matchall"><MatchAll></a></code>, all
+ provided by the <code class="module"><a href="./mod/mod_authz_core.html">mod_authz_core</a></code> module.</dd>
</dl>
</div></div>
<div class="bottomlang">
<li><a href="mod/mod_authn_core.html">Apache Module mod_authn_core</a></li>
<li><a href="mod/mod_authn_dbd.html">Apache Module mod_authn_dbd</a></li>
<li><a href="mod/mod_authn_dbm.html">Apache Module mod_authn_dbm</a></li>
-<li><a href="mod/mod_authn_default.html">Apache Module mod_authn_default</a></li>
<li><a href="mod/mod_authn_file.html">Apache Module mod_authn_file</a></li>
<li><a href="mod/mod_authnz_ldap.html">Apache Module mod_authnz_ldap</a></li>
<li><a href="mod/mod_authz_core.html">Apache Module mod_authz_core</a></li>
<li><a href="mod/mod_authz_dbd.html">Apache Module mod_authz_dbd</a></li>
<li><a href="mod/mod_authz_dbm.html">Apache Module mod_authz_dbm</a></li>
-<li><a href="mod/mod_authz_default.html">Apache Module mod_authz_default</a></li>
<li><a href="mod/mod_authz_groupfile.html">Apache Module mod_authz_groupfile</a></li>
<li><a href="mod/mod_authz_host.html">Apache Module mod_authz_host</a></li>
<li><a href="mod/mod_authz_owner.html">Apache Module mod_authz_owner</a></li>
projects / apache / commitdiff